Vulnerability Details CVE-2022-40435
Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via adding new entries under the Departments and Designations module.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.5%
CVSS Severity
CVSS v3 Score 4.8
References
Products affected by CVE-2022-40435
-
Employee Performance Evaluation System Project » Employee Performance Evaluation System » Version: 1.0cpe:2.3:a:employee_performance_evaluation_system_project:employee_performance_evaluation_system:1.0