Medium severity5.4NVD Advisory· Published Dec 12, 2022· Updated Jun 17, 2026
CVE-2022-46906
CVE-2022-46906
Description
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS.
Affected products
2- WebSoft/HCMdescription
Patches
Vulnerability mechanics
References
1- news.websoft.ru/_wt/wiki_base/7175852586100985308nvdVendor Advisory
News mentions
0No linked articles in our index yet.