Reflected Cross-Site Scripting Vulnerability in Ice Hrm by Gamonoid
CVE-2022-25014
6.1MEDIUM
What is CVE-2022-25014?
A reflected cross-site scripting (XSS) vulnerability was found in Ice Hrm, where the 'm' parameter in the user Dashboard can be exploited. By crafting a malicious link, attackers could trick users into clicking on it, potentially compromising their session credentials. This highlights the importance of stringent input validation and user awareness to mitigate such threats.
