CVE-2022-25015

A stored cross-site scripting (XSS) vulnerability in Ice Hrm 30.0.0.OS allows attackers to steal cookies via a crafted payload inserted into the First Name field.

Date published : 2022-02-28

https://github.com/gamonoid/icehrm/issues/285