CVE-2023-0322

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Talent Software UNIS allows Reflected XSS. This issue affects UNIS: before 28376.

medium 6.1 CVSS 3.1
Published: Mar 15, 2023
Modified: Jun 1, 2026
Vendor: Talentyazilim
Product: Unis

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Talent Software UNIS allows Reflected XSS.

This issue affects UNIS: before 28376.

References

Related CVEs

CVE-2023-4671 critical · 9.8
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talent Software ECOP allows Command Line Execution through SQL Injection. Thi
CVE-2023-4672 medium · 6.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Talent Software ECOP allows Reflected XSS. This issue affects ECOP: before 32