HRMS
by Adrenalin
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-12653 | Med | 0.43 | 6.1 | 0.03 | Mar 25, 2019 | A Reflected Cross Site Scripting (XSS) vulnerability exists in Adrenalin HRMS 5.4.0. An attacker can input malicious JavaScript code in /RPT/SSRSDynamicEditReports.aspx via 'ReportId' parameter. | ||
| CVE-2018-12650 | Med | 0.43 | 6.1 | 0.03 | Oct 24, 2018 | Adrenalin HRMS version 5.4.0 contains a Reflected Cross Site Scripting (XSS) vulnerability in the ApplicationtEmployeeSearch page via 'prntDDLCntrlName' and 'prntFrmName'. | ||
| CVE-2018-12652 | Med | 0.40 | 6.1 | 0.01 | Mar 25, 2019 | A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the LeaveEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter. |
- risk 0.43cvss 6.1epss 0.03
A Reflected Cross Site Scripting (XSS) vulnerability exists in Adrenalin HRMS 5.4.0. An attacker can input malicious JavaScript code in /RPT/SSRSDynamicEditReports.aspx via 'ReportId' parameter.
- risk 0.43cvss 6.1epss 0.03
Adrenalin HRMS version 5.4.0 contains a Reflected Cross Site Scripting (XSS) vulnerability in the ApplicationtEmployeeSearch page via 'prntDDLCntrlName' and 'prntFrmName'.
- risk 0.40cvss 6.1epss 0.01
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the LeaveEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter.