CVE-2022-3497

LOW

Oretnom23 Human Resource Management System - XSS

Title source: rule

Description

A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been classified as problematic. Affected is an unknown function of the component Master List. The manipulation of the argument city/state/country/position leads to cross site scripting. It is possible to launch the attack remotely. VDB-210786 is the identifier assigned to this vulnerability.

References (1)

[Permissions Required, Third Party Advisory] https://vuldb.com/?id.210786

Scores

CVSS v3 3.5

EPSS 0.0022

EPSS Percentile 45.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Details

CWE

CWE-79 CWE-707

Status published

Products (1)

oretnom23/human_resource_management_system 1.0

Published Oct 14, 2022

Tracked Since Feb 18, 2026