Reflected Cross Site Scripting (XSS) Vulnerability in Adrenalin 5.4 HRMS Software via LeaveEmployeeSearch.aspx

Reflected Cross Site Scripting (XSS) Vulnerability in Adrenalin 5.4 HRMS Software via LeaveEmployeeSearch.aspx

CVE-2018-12652 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the LeaveEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter.

Learn more about our User Device Pen Test.