Medium severity5.4NVD Advisory· Published Dec 12, 2022· Updated Jun 17, 2026
CVE-2022-46904
CVE-2022-46904
Description
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS.
Affected products
2- WebSoft/HCMdescription
Patches
Vulnerability mechanics
References
1- news.websoft.ru/_wt/wiki_base/7175852133775323458nvdVendor Advisory
News mentions
0No linked articles in our index yet.