Skip to main content

Posts

Showing posts from February, 2019

CVE-2018-12653: Reflected Cross Site Scripting(XSS) in Adrenalin 5.4 HRMS Software | SSRSDynamicEditReports [issue 5 of 5]

As cyber security professional, I come across many various vulnerabilities from critical to low and sometimes informational(How to categorize- CVSS v3 ). Sometime back I was doing as usual my security assessment activity for a Bank(Confidential) for their HRMS web application which was 3rd party software whose vendor was "Adrenalin". CVE ID: CVE-2018-12653 Vulnerability Name: Reflected Cross Site Scripting(XSS) Product: Adrenalin HRMS Affected Version: 5.4.0 Credits: Rishu Ranjan

CVE-2018-12652: Reflected Cross Site Scripting(XSS) in Adrenalin 5.4 HRMS Software | LeaveEmployeeSearch [issue 4 of 5]

As cyber security professional, I come across many various vulnerabilities from critical to low and sometimes informational(How to categorize- CVSS v3 ). Sometime back I was doing as usual my security assessment activity for a Bank(Confidential) for their HRMS web application which was 3rd party software whose vendor was "Adrenalin". CVE ID: CVE-2018-12652 Vulnerability Name: Reflected Cross Site Scripting(XSS) Product: Adrenalin HRMS Affected Version: 5.4.0 Credits: Rishu Ranjan