cvedb.io
CVE-2018-12652
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2019-03-25T19:29:00.383 · Last modified 2026-06-17T01:38:07.520

Summary

A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the LeaveEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter.

Affected products

myadrenalin — adrenalin

Does this affect you?

Add your gear to cvedb and we'll alert you only when myadrenalin ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.