In EasyToRecruit (E2R) prior to 2.11, the upload feature and the Candidate Profile Management feature are prone to Cross Site Scripting (XSS) injection in multiple locations.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hr-technologies easytorecruit |