Vulnerabilities > Icehrm > Low

DATE CVE VULNERABILITY TITLE RISK
2022-02-28 CVE-2022-25015 Cross-site Scripting vulnerability in Icehrm 30.0.0.Os
A stored cross-site scripting (XSS) vulnerability in Ice Hrm 30.0.0.OS allows attackers to steal cookies via a crafted payload inserted into the First Name field.
network
icehrm CWE-79
3.5
3.5
2021-10-04 CVE-2021-38822 Cross-site Scripting vulnerability in Icehrm 30.0.0.Os
A Stored Cross Site Scripting vulnerability via Malicious File Upload exists in multiple pages of IceHrm 30.0.0.OS that allows for arbitrary execution of JavaScript commands.
network
icehrm CWE-79
3.5
3.5
2021-06-22 CVE-2021-34243 Cross-site Scripting vulnerability in Icehrm 29.0.0.Os
A stored cross site scripting (XSS) vulnerability was discovered in Ice Hrm 29.0.0.OS which allows attackers to execute arbitrary web scripts or HTML via a crafted file uploaded into the Document Management tab.
network
icehrm CWE-79
3.5
3.5