Medium severity6.1NVD Advisory· Published Dec 12, 2022· Updated Jun 17, 2026
CVE-2022-46905
CVE-2022-46905
Description
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an unauthenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS.
Affected products
2- WebSoft/HCMdescription
Patches
Vulnerability mechanics
References
1- news.websoft.ru/_wt/wiki_base/7175852393019676262nvdVendor Advisory
News mentions
0No linked articles in our index yet.