Security Advisory

CVE-2022-25014

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-28 18:57:32

Last updated 2024-08-03 04:29:01

Assigner mitre

State PUBLISHED

Description

Ice Hrm 30.0.0.OS was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the "m" parameter in the Dashboard of the current user. This vulnerability allows attackers to compromise session credentials via user interaction with a crafted link.

← Browse all CVEs View on cve.org ↗