Description
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4.0 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the flexiportal/GeneralInfo.aspx strAction parameter.
Exploits (1)
References (4)
Scores
CVSS v3
6.1
EPSS
0.0477
EPSS Percentile
89.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
myadrenalin/adrenalin
5.4.0
Published
Sep 06, 2018
Tracked Since
Feb 18, 2026