← back
CVE-2020-35753

CVE-2020-35753

EPSS 0.9%
The job posting recommendation form in Persis Human Resource Management Portal (Versions 17.2.00 through 17.2.35 and 19.0.00 through 19.0.20), when the "Recommend job posting" function is enabled, allows XSS via the SENDER parameter.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://it-sec.de/ger/Aktuelles-Termine/it.sec-blog/it.sec-Research-Team-findet-unbekannte-Schwachstelle-in-Persis-Online-Bewerberportalhttps://slashcrypto.org/2021/02/20/CVE-2020-35753/