CVE-2022-27110

Published April 6th, 2022

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

4.9

MEDIUM

Affected

1

PROJECT

Description

OrangeHRM 4.10 is vulnerable to a Host header injection redirect via viewPersonalDetails endpoint.

orangehrm/orangehrm

OrangeHRM is a comprehensive Human Resource Management (HRM) System that captures all the essential functionalities required for any enterprise.

GitHub

1.07K