Reflected Cross Site Scripting (XSS) Vulnerability in Adrenalin 5.4 HRMS Software via LeaveEmployeeSearch.aspx
CVE-2018-12652 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the LeaveEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter.
Learn more about our User Device Pen Test.