Openbaraza Openbaraza Human Capital Management — known CVE vulnerabilities
Every CVE whose affected-product data names Openbaraza Openbaraza Human Capital Management, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-38583 — CVSS 6.1 (medium): openBaraza HCM 3.1.6 does not properly neutralize user-controllable input, which allows reflected cross-site scripting (XSS) on multiple…
CVE-2021-38619 — CVSS 6.1 (medium): openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an unauthenticated remote attacker can conduct a stored…