Stored Cross-Site Scripting in Ice Hrm Document Management
CVE-2021-34243
5.4MEDIUM
What is CVE-2021-34243?
A stored cross-site scripting (XSS) vulnerability exists in Ice Hrm 29.0.0.OS, allowing attackers to execute arbitrary web scripts or HTML by uploading a malicious file in the Document Management tab. This exploit activates when a user later accesses the upload area of the compromised file, potentially leading to unauthorized actions and data exposure.
