CVE-2024-36656 Information

Description

In MintHCM 4.0.3 a registered user can execute arbitrary JavaScript code and achieve a reflected Cross-site Scripting (XSS) attack.

Reference

https://github.com/minthcm/minthcm/issues/67