CVE-2022-46903

Name of the Vulnerable Software and Affected Versions WebSoft HCM version 2021.2.3.327

Description The issue arises from insufficient processing of user input, allowing an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser. This includes scripts in the JavaScript programming language, leading to Stored XSS.

Recommendations For WebSoft HCM version 2021.2.3.327, update to a version that properly processes user input to prevent arbitrary HTML tag injection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.