Vulnerability Details CVE-2025-12869
The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administrator privileges to inject persistent JavaScript codes that are executed in users' browsers upon page load.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.2%
CVSS Severity
CVSS v3 Score 4.8
References
Products affected by CVE-2025-12869
-
cpe:2.3:a:aenrich:a+hrd:5.0
-
cpe:2.3:a:aenrich:a+hrd:5.3
-
cpe:2.3:a:aenrich:a+hrd:5.4
-
cpe:2.3:a:aenrich:a+hrd:5.4.1125v112
-
cpe:2.3:a:aenrich:a+hrd:5.5
-
cpe:2.3:a:aenrich:a+hrd:5.5.1098v156
-
cpe:2.3:a:aenrich:a+hrd:5.6
-
cpe:2.3:a:aenrich:a+hrd:5.6.1067v110
-
cpe:2.3:a:aenrich:a+hrd:6.0
-
cpe:2.3:a:aenrich:a+hrd:6.1
-
cpe:2.3:a:aenrich:a+hrd:6.2
-
cpe:2.3:a:aenrich:a+hrd:6.3
-
cpe:2.3:a:aenrich:a+hrd:6.4
-
cpe:2.3:a:aenrich:a+hrd:6.5
-
cpe:2.3:a:aenrich:a+hrd:6.6
-
cpe:2.3:a:aenrich:a+hrd:6.7
-
cpe:2.3:a:aenrich:a+hrd:6.8
-
cpe:2.3:a:aenrich:a+hrd:6.8.1039v844
-
cpe:2.3:a:aenrich:a+hrd:6.8.1039v920
-
cpe:2.3:a:aenrich:a+hrd:7.0
-
cpe:2.3:a:aenrich:a+hrd:7.1
-
cpe:2.3:a:aenrich:a+hrd:7.2