Online Leave Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /leave_system/admin/?page=maintenance/department. This vulnerability allows attackers to execute arbitrary web scripts or HTML via crafted payload injected into the Name field under the Create New module.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-12-07T00:00:00
Updated: 2024-08-03T14:01:31.464Z
Reserved: 2022-11-07T00:00:00
Link: CVE-2022-45008
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-12-07T02:15:09.677
Modified: 2022-12-08T13:52:31.273
Link: CVE-2022-45008
Redhat
No data.