CVE-2022-3497

LOW

SourceCodester Human Resource Management System 1.0 - Cross-Site Scripting via Master List Parameters

Title source: llm
STIX 2.1

Description

A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been classified as problematic. Affected is an unknown function of the component Master List. The manipulation of the argument city/state/country/position leads to cross site scripting. It is possible to launch the attack remotely. VDB-210786 is the identifier assigned to this vulnerability.

References (1)

Core 1
Core References
Permissions Required, Third Party Advisory
https://vuldb.com/?id.210786

Scores

CVSS v3 3.5
EPSS 0.0033
EPSS Percentile 24.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Details

CWE
CWE-79 CWE-707
Status published
Products (1)
oretnom23/human_resource_management_system 1.0
Published Oct 14, 2022
Tracked Since Feb 18, 2026