Huan Jun Chan

1 exploit Active since Jun 2025
CVE-2025-44206 WRITEUP MEDIUM WRITEUP
Hexagon HxGN OnCall Dispatch Advantage - Authenticated Stored Cross-Site Scripting via Broadcast Person Functionality
Hexagon HxGN OnCall Dispatch Advantage (Web) v10.2309.03.00264 and Hexagon HxGN OnCall Dispatch Advantage (Mobile) v10.2402 are vulnerable to Cross Site Scripting (XSS) which allows a remote authenticated attacker with access to the Broadcast (Person) functionality to execute arbitrary code.
CVSS 4.6