CNNVD-202507-3602 Information

CNNVD ID

CNNVD-202507-3602

Related CVE

CVE-2025-40686

• CNNVD Published: 2025-07-29

Description (Chinese)

Human Resource Management System是maverickosama个人开发者的一个人力资源管理系统。 Human Resource Management System 1.0版本存在跨站脚本漏洞，该漏洞源于employeeid参数未经验证，可能导致反射型跨站脚本攻击。

Description (English)

Human Resources Management System is a human resources management system of the Maverickoma Personal Developer. Version 1.0 of Human Resources Management System has a cross-site script loophole, which originates from unverified amployeid parameters and may result in a reflector-type cross-station script attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

个人开发者

Published

2025-07-29

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-human-resource-management-system