RSS   Vulnerabilities for 'Adrenalin'   RSS

2019-03-25
 
CVE-2018-12653

CWE-79
 

 
A Reflected Cross Site Scripting (XSS) vulnerability exists in Adrenalin HRMS 5.4.0. An attacker can input malicious JavaScript code in /RPT/SSRSDynamicEditReports.aspx via 'ReportId' parameter.

 
 
CVE-2018-12652

CWE-79
 

 
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the LeaveEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter.

 
2018-09-06
 
CVE-2018-12234

CWE-79
 

 
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4.0 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the flexiportal/GeneralInfo.aspx strAction parameter.

 

 >>> Vendor: Myadrenalin 2 Products
Adrenalin
Human resource management software


Copyright 2024, cxsecurity.com

 

Back to Top