CVE-2023-44286

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Dec 14, 2023

Updated: Dec 27, 2023

CWE ID 79

Summary

CVE-2023-49171 is a Cross-site Scripting (XSS) vulnerability affecting TheInnovs Innovs HR – Complete Human Resource Management System for Your Business. The issue stems from improper input neutralization during web page generation, enabling attackers to inject malicious scripts into webpages viewed by other users. This vulnerability, which impacts versions from n/a through 1.0.3.4, poses a significant risk for data theft or unauthorized actions within the compromised HR system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

APEX Protection Storage

Affected Vendors

Dell Technologies, Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s0ddhd
https://www.cve.org/CVERecord?id=CVE-2023-44286
https://nvd.nist.gov/vuln/detail/CVE-2023-44286

Back to Vulnerability Database