Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicio
Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicio
A flaw has been found in horilla-opensource horilla up to 1.0.2. Impacted is an unknown function of the file static/assets/js/global.js of the component Leads Module. This manipulation of the argument
A vulnerability classified as critical was found in horilla up to 1.2.1. This vulnerability affects the function request_new/get_employee_shift/create_reimbursement/key_result_current_value_update/cre
Stocky POS with Inventory Management & HRM (ui-lib) version 5.0 is affected by a Stored Cross-Site Scripting (XSS) vulnerability within the Products module available to authenticated users. The vulner
A vulnerability was detected in horilla-opensource horilla up to 1.0.2. This issue affects the function get of the file horilla_generics/global_search.py of the component Query Parameter Handler. The
A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Online Nurse Hiring System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a craft
A stored Cross-site Scripting (XSS) vulnerability affecting Opportunity Management in Project Portfolio Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker
A Stored Cross-Site Scripting vulnerability was discovered in the Assets and Nodes functionality due to improper validation of an input parameter. An authenticated user with custom fields privileges c
SourceCodester (rems) Employee Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in add_employee.php via the First Name and Address text fields.
A cross-site scripting (XSS) vulnerability in the /controller/admin.php endpoint of hortusfox-web v4.4 allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted
OrangeHRM is a comprehensive human resource management (HRM) system. From version 5.0 to 5.7, the application contains an input-neutralization flaw in its mail configuration and delivery workflow that
Cross-site scripting (XSS) vulnerability in HCL Technologies Ltd. Unica 12.0.0.
ChurchCRM is an open-source church management system. Prior to 7.1.0, a stored cross-site scripting vulnerability exists in ChurchCRM's person profile editing functionality. Non-administrative users w
Reflected cross-site scripting (XSS) vulnerabilities exist in System Diagnostics Manager (SDM) of B&R Automation Runtime versions before 6.4 that enables a remote attacker to execute arbitrary JavaScr
A Stored Cross Site Scripting (XSS) vulnerability was found in "/music/ajax.php?action=save_playlist" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute a
Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's HRMGo, consisting of a lack of proper validation of user input by sending a POST request to ‘/hrmgo/ticket/changereply’, using the ‘descript
A stored Cross-site Scripting (XSS) vulnerability affecting Route Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an a
A vulnerability, which was classified as critical, was found in pbrong hrms up to 1.0.1. This affects the function HrmsDB of the file \resource\resource.go. The manipulation of the argument user_cooki
A reflected cross-site scripting (XSS) vulnerability in Audemium ERP <=0.9.0 allows remote attackers to execute an arbitrary JavaScript payload in the web browser of a user by including a malicious pa