Multiple Reflected XSS Vulnerabilities in Ice Hrm 30.0.0.OS via key and fm Parameters in login.php Component

Multiple Reflected XSS Vulnerabilities in Ice Hrm 30.0.0.OS via key and fm Parameters in login.php Component

CVE-2022-25013 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Ice Hrm 30.0.0.OS was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities via the "key" and "fm" parameters in the component login.php.

Learn more about our Web Application Penetration Testing UK.