Stored Cross Site Scripting Vulnerability in IceHrm 30.0.0.OS: Arbitrary Execution of JavaScript Commands via Malicious File Upload
CVE-2021-38822 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
A Stored Cross Site Scripting vulnerability via Malicious File Upload exists in multiple pages of IceHrm 30.0.0.OS that allows for arbitrary execution of JavaScript commands.
Learn more about our Web Application Penetration Testing UK.