CVE-2019-11032
In EasyToRecruit (E2R) before 2.11, the upload feature and the Candidate Profile Management feature are prone to Cross Site Scripting (XSS) injection in multiple locations.
Date published : 2019-04-24
https://www.excellium-services.com/cert-xlm-advisory/cve-2019-11032/