CVE Details
Basic Information
| Title | Reflected Cross-Site Scripting (XSS) vulnerability in Human Resource Management System |
|---|---|
| Type | cve |
| Published | 2025-07-29T12:12:58.888Z |
| Modified | 2025-07-29T12:13:23.685Z |
Product Information
| Vendor | Human Resource Management System |
|---|---|
| Product | Human Resource Management System |
| Version | 1.0 |
CVSS Information
| Base Score | 4.8 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
AI Analysis
| AI Description | A reflected XSS vulnerability in the Human Resource Management System version 1.0 allows attackers to execute JavaScript in a victim’s browser via a malicious URL, potentially stealing session data or redirecting users. |
|---|---|
| AI Severity | Medium |
| AI Vendor | Human Resource Management System |
| AI Product | Human Resource Management System |
| AI Version | 1.0 |
Affected Products
- Human Resource Management System Human Resource Management System 1.0
Additional Information
| CWE List | CWE-79 |
|---|---|
| Source | INCIBE |
Description
Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim’s browser by sending a malicious URL through the ’employeeid’ parameter in/detailview.php.