Umanni Human Resources — known CVE vulnerabilities
Every CVE whose affected-product data names Umanni Human Resources, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-24007 — CVSS 9.8 (critical): Umanni RH 1.0 does not limit the number of authentication attempts. An unauthenticated user may exploit this vulnerability to launch a…
CVE-2020-24008 — CVSS 5.3 (medium): Umanni RH 1.0 has a user enumeration vulnerability. This issue occurs during password recovery, where a difference in messages could allow…