VYPR

HRMS

by Adrenalin

CVEs (3)

  • CVE-2018-12653MedMar 25, 2019
    risk 0.43cvss 6.1epss 0.03

    A Reflected Cross Site Scripting (XSS) vulnerability exists in Adrenalin HRMS 5.4.0. An attacker can input malicious JavaScript code in /RPT/SSRSDynamicEditReports.aspx via 'ReportId' parameter.

  • CVE-2018-12650MedOct 24, 2018
    risk 0.43cvss 6.1epss 0.03

    Adrenalin HRMS version 5.4.0 contains a Reflected Cross Site Scripting (XSS) vulnerability in the ApplicationtEmployeeSearch page via 'prntDDLCntrlName' and 'prntFrmName'.

  • CVE-2018-12652MedMar 25, 2019
    risk 0.40cvss 6.1epss 0.01

    A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the LeaveEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter.