VYPR
Medium severity6.1NVD Advisory· Published Dec 12, 2022· Updated Jun 17, 2026

CVE-2022-46905

CVE-2022-46905

Description

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an unauthenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS.

Affected products

2
  • WebSoft/HCMdescription
  • Epicor/HCMllm-fuzzy
    Range: = 2021.2.3.327

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.