VYPR

5.4 HRMS Software

by Adrenalin

CVEs (2)

  • CVE-2018-12234MedSep 6, 2018
    risk 0.43cvss 6.1epss 0.03

    A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4.0 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the flexiportal/GeneralInfo.aspx strAction parameter.

  • CVE-2018-12651MedDec 20, 2018
    risk 0.40cvss 6.1epss 0.01

    A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the ShiftEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter.