What the vulnerability does
01Description
In EasyToRecruit (E2R) before 2.11, the upload feature and the Candidate Profile Management feature are prone to Cross Site Scripting (XSS) injection in multiple locations.
CVSS base score
CVSS vector
CVSS:3.0/AC:L/AV:N/A:N/C:L/I:L/PR:N/S:C/UI:R
What the vulnerability does
In EasyToRecruit (E2R) before 2.11, the upload feature and the Candidate Profile Management feature are prone to Cross Site Scripting (XSS) injection in multiple locations.
Key dates
External resources