Vulnerabilities

CVE-2022-28985

by Fred · 19/05/2022

A stored cross-site scripting (XSS) vulnerability in the addNewPost component of OrangeHRM v4.10.1 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.

Date published : 2022-05-19

https://github.com/orangehrm/orangehrm/issues/1217

Similar

Tags: Cybersecurity Alert