CVE-2022-4279

LOW

Oretnom23 Human Resource Management System - XSS

Title source: rule

Description

A vulnerability classified as problematic has been found in SourceCodester Human Resource Management System 1.0. Affected is an unknown function of the file /hrm/employeeview.php. The manipulation of the argument search leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214776.

References (2)

[Exploit, Third Party Advisory] https://github.com/leecybersec/bug-report/tree/main/sourcecodester/oretnom23/hrm/employee-view-xss

View Exploit ZIP pw:eip

[Third Party Advisory, VDB Entry] https://vuldb.com/?id.214776

Scores

CVSS v3 3.5

EPSS 0.0031

EPSS Percentile 53.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Details

CWE

CWE-79 CWE-707

Status published

Products (1)

oretnom23/human_resource_management_system 1.0

Published Dec 03, 2022

Tracked Since Feb 18, 2026