PT-2025-5879 · Unknown · Egavilan Media Resumes Management/Job Application Website
Kshitiz Raj +1 · Published 2025-02-06 · Updated 2025-02-06 · CVE-2020-36085
CVSS v3.1: 6.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions
Egavilan Media Resumes Management and Job Application Website version 1.0
Description
The issue allows remote attackers to inject arbitrary code via the First and Last Name fields in the Apply For This Job Form. This is a stored cross-site scripting (XSS) issue.
Recommendations
For Egavilan Media Resumes Management and Job Application Website version 1.0, consider validating and sanitizing user input for the First and Last Name fields in the Apply For This Job Form to prevent code injection. As a temporary workaround, restrict access to the Apply For This Job Form until a patch is available.
Exploit
Fix
XSS
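One way to apply the recommendation for the First and Last Name fields, as an added example that is not part of the advisory or the vendor's code: allowlist validation on submission plus HTML encoding when a stored record is rendered. The character policy, length limit, function names and sample values are assumptions; this page does not describe the product's language or templates.

```python
import html
import unicodedata

# Assumed policy (not from the advisory): letters, combining marks, spaces,
# hyphens, apostrophes and periods; 1 to 64 characters after trimming.
MAX_LEN = 64
ALLOWED_PUNCT = {" ", "-", "'", "."}


def validate_name(raw):
    """Return the normalized name, or raise ValueError if it breaks the policy."""
    name = unicodedata.normalize("NFC", raw).strip()
    if not 1 <= len(name) <= MAX_LEN:
        raise ValueError("name length out of range")
    for ch in name:
        # Unicode categories L* are letters, M* are combining marks.
        if unicodedata.category(ch)[0] in ("L", "M") or ch in ALLOWED_PUNCT:
            continue
        raise ValueError("character not allowed in name: %r" % ch)
    return name


def accept_application(first, last):
    """Validate both fields on submission; return (ok, values or error text)."""
    try:
        return True, (validate_name(first), validate_name(last))
    except ValueError as exc:
        return False, str(exc)


def render_applicant_row(first, last):
    """Build the HTML a listing page would show for one stored record.

    Encoding happens here, at output time, so records stored before
    validation existed are also rendered as inert text.
    """
    return "<tr><td>{}</td><td>{}</td></tr>".format(
        html.escape(first, quote=True), html.escape(last, quote=True)
    )


# Constructed sample input, not taken from the advisory.
LEGIT = ("Zo\u00eb", "O'Brien-Smith")
MARKUP = ("<b>Ann</b>", "Lee")
```

The apostrophe in a legitimate surname passes validation, which is why the render step still encodes quotes instead of relying on the input filter alone.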
Affected Products
Egavilan Media Resumes Management/Job Application Website