CVE-2026-38569

Published
View on NVD ↗
CVSS v3
5.4
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS

Description

HireFlow v1.2 is vulnerable to Cross Site Scripting (XSS) in candidate_detail.html via the Resume or Feedback Comment fields via POST /candidates/add or POST /feedback/add.

StratonWebDesigners/HireFlow
StratonWebDesigners/HireFlow
HireFlow is a modern and intuitive web-based Interview Management System designed to streamline the hiring process for recruiters and organizations. It provides a centralized platform to manage candidates, schedule interviews, and track recruitment progress efficiently.
GitHubGitHub
5
hijackedamygdala/CVE-Disclosures
hijackedamygdala/CVE-Disclosures
GitHubGitHub
2