Vulnerabilities

CVE-2025-12872

by Fred · 12/11/2025

The a+HRD and a+HCM developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing authenticated remote attackers to upload files containing malicious JavaScript code, which will execute on the client side when a user is tricked into visiting a specific URL.

More information : https://www.twcert.org.tw/en/cp-139-10487-12a32-2.html

Similar

Tags: Cybersecurity Alert