Vulnerabilities > Jorani > Leave Management System
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-07 | CVE-2023-48205 | Injection vulnerability in Jorani Leave Management System 1.0.2 Jorani Leave Management System 1.0.2 allows a remote attacker to spoof a Host header associated with password reset emails. | 5.3 |
| 2023-10-16 | CVE-2023-45540 | Injection vulnerability in Jorani Leave Management System 1.0.3 An issue in Jorani Leave Management System 1.0.3 allows a remote attacker to execute arbitrary HTML code via a crafted script to the comment field of the List of Leave requests page. | 6.5 |