Openbaraza Human Capital Management CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Openbaraza Subscriptions

Filtered by product Openbaraza Human Capital Management Subscriptions

Search

Switch to Advanced Search (Beta)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-38619	1 Openbaraza	1 Openbaraza Human Capital Management	2024-11-21	6.1 Medium
openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an unauthenticated remote attacker can conduct a stored cross-site scripting (XSS) attack against an administrative user from hr/subscription.jsp and hr/application.jsp and and hr/index.jsp (with view=).
CVE-2021-38583	1 Openbaraza	1 Openbaraza Human Capital Management	2024-11-21	6.1 Medium
openBaraza HCM 3.1.6 does not properly neutralize user-controllable input, which allows reflected cross-site scripting (XSS) on multiple pages: hr/subscription.jsp and hr/application.jsp and and hr/index.jsp (with view= and data=).

Page 1 of 1.