Stored Cross-Site Scripting Vulnerability in Ice Hrm by Gamonoid
CVE-2022-25015
5.4MEDIUM
What is CVE-2022-25015?
A stored cross-site scripting (XSS) vulnerability exists in Ice Hrm 30.0.0.OS, which allows attackers to inject malicious scripts into the First Name input field. By delivering a crafted payload, attackers can exploit this vulnerability to steal cookies from users, compromising their session and sensitive information. It is crucial for users to implement security measures and regularly update their systems to mitigate risks associated with this vulnerability.
