CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Orangehrm: >> Orangehrm >> 4.10.1 Security Vulnerabilities

CVE-2022-28985

A stored cross-site scripting (XSS) vulnerability in the addNewPost component of OrangeHRM v4.10.1 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.

CVSS Score

6.3

EPSS Score

0.002

Published

2022-05-20

Page 1

Vulnerabilities

Vulnerable Software

Orangehrm: >> Orangehrm >> 4.10.1 Security Vulnerabilities

Products

Pricing

Contact Us