Severity by source
Primary rating from NVD · only source for this CVE.
CVSS Vector (NVD): CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
Description (CVE.org)
A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function of the file /notice/All_notice of the component Notice Board Management. Such manipulation of the argument Notice Title with the input <svg onload="alert('Stored XSS Triggered by Ashik Mohamed')"> as part of POST leads to cross site scripting. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
Analysis (AI)
Stored cross-site scripting in CodeAstro Human Resource Management System 1.0 enables a high-privileged authenticated attacker to inject persistent malicious script via the Notice Title parameter in the Notice Board Management component, executing in the browsers of any user who subsequently views the affected notice. The publicly available proof-of-concept on GitHub demonstrates exploitation via an SVG onload payload submitted through a POST request to /notice/All_notice. …
Attack Chain (AI-derived)
Hypothetical attack flow derived from CVE metadata
Vulnerability Assessment (AI)

| Aspect | Assessment |
|---|---|
| Exploitation | Exploitation requires the attacker to hold a high-privilege account in the CodeAstro HRMS (PR:H per CVSS vector); it is not exploitable by unauthenticated or low-privileged users. … |
| Risk Assessment | The aggregate risk signal for this vulnerability is low-to-moderate. … |
| Exploit Scenario | An attacker with administrative access to the CodeAstro HRMS, whether a malicious insider or an operator using a compromised admin account, submits a crafted notice whose title contains an SVG onload payload via POST to /notice/All_notice; a publicly available proof-of-concept demonstrates the exact request structure. When any other HRMS user navigates to the notice board, the stored payload executes in their browser session, potentially enabling session token theft or credential harvesting via a phishing overlay within the application context. |
| Remediation | No vendor-released patch has been identified at time of analysis; the VulDB references and the codeastro.com vendor site do not link to a security advisory or fixed release. … |
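Since no vendor fix is identified, the practical defence is the one that closes this whole class: the stored Notice Title must be output-encoded for the HTML context in which it is rendered, and records already in the database should be audited for injected markup. The following is an added illustration, not CodeAstro's code (the page does not state the HRMS implementation language, so Python is used purely to show the pattern); the notice rows, the `render_vulnerable`/`render_hardened` functions and the `find_suspicious_titles` audit are all assumptions constructed for this example. The sample payload is the one quoted in the CVE description.

```python
import html
import re

# Constructed sample rows standing in for stored notice-board records.
# The second title carries the SVG onload payload quoted in the CVE description.
NOTICES = [
    {"id": 1, "title": "Office closed on Friday"},
    {"id": 2, "title": "<svg onload=\"alert('Stored XSS Triggered by Ashik Mohamed')\">"},
]


def render_vulnerable(notices):
    """Render the notice board by interpolating stored titles unescaped.

    This reproduces the defect class behind the CVE: whatever was stored
    is emitted verbatim as HTML, so a title containing markup becomes
    script that runs in every viewer's browser.
    """
    rows = "".join(f"<li>{n['title']}</li>" for n in notices)
    return f"<ul>{rows}</ul>"


def render_hardened(notices):
    """Same rendering with contextual output encoding for HTML element content.

    html.escape(quote=True) encodes < > & " and ', so a stored title can
    neither open a tag nor break out of an attribute. The data is left
    unchanged in storage; only the rendering step changes.
    """
    rows = "".join(f"<li>{html.escape(n['title'], quote=True)}</li>" for n in notices)
    return f"<ul>{rows}</ul>"


# Heuristic (assumed, not from the page): a plain-text notice title should never
# contain the start of an HTML tag or an on*= event-handler attribute. Used to
# audit records that were stored before the rendering fix was applied.
MARKUP_RE = re.compile(r"<\s*[a-zA-Z!/]|\bon[a-zA-Z]+\s*=", re.IGNORECASE)


def find_suspicious_titles(notices):
    """Return ids of stored notices whose title contains HTML markup."""
    return [n["id"] for n in notices if MARKUP_RE.search(n["title"])]


if __name__ == "__main__":
    print(render_vulnerable(NOTICES))   # payload emitted as live markup
    print(render_hardened(NOTICES))     # payload emitted as inert text
    print("notices needing review:", find_suspicious_titles(NOTICES))
```

The audit regex is deliberately broad: for incident response the goal is to surface every stored title that needs a human look, not to classify payloads precisely, and false positives on a notice board are cheap to review. Input validation on the POST handler is a useful second layer, but the encoding at render time is what makes the stored value harmless regardless of how it got into the database.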
External POC / Exploit Code
EUVD-2026-35022
GHSA-2hp8-8xwj-c2gv