Vulnerability CVE-2022-25014


Published: 2022-02-28

Description:
Ice Hrm 30.0.0.OS was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the "m" parameter in the Dashboard of the current user. This vulnerability allows attackers to compromise session credentials via user interaction with a crafted link.

 References:
https://github.com/gamonoid/icehrm/issues/283

Copyright 2026, cxsecurity.com

 

Back to Top