Cross Site Scripting (XSS) Vulnerabilities in EasyToRecruit (E2R) before 2.11

Cross Site Scripting (XSS) Vulnerabilities in EasyToRecruit (E2R) before 2.11

CVE-2019-11032 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

In EasyToRecruit (E2R) before 2.11, the upload feature and the Candidate Profile Management feature are prone to Cross Site Scripting (XSS) injection in multiple locations.

Learn more about our Web Application Penetration Testing UK.