CVE-2021-38822 · Vexday

CVE-2021-38822

EPSS 0.7%

A Stored Cross Site Scripting vulnerability via Malicious File Upload exists in multiple pages of IceHrm 30.0.0.OS that allows for arbitrary execution of JavaScript commands.

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.navidkagalwalla.com/icehrm-vulnerabilities