A Hcm
Monthly
Unauthenticated remote attackers can upload arbitrary files to any path in a+HCM developed by aEnrich, including executable HTML documents, enabling cross-site scripting and potential server-side impacts. The vulnerability requires user interaction (UI:A) but allows unrestricted file placement with low scope and integrity impact. No patch version or active exploitation data is currently available.
Unauthenticated remote attackers can upload arbitrary files to any path in a+HCM developed by aEnrich, including executable HTML documents, enabling cross-site scripting and potential server-side impacts. The vulnerability requires user interaction (UI:A) but allows unrestricted file placement with low scope and integrity impact. No patch version or active exploitation data is currently available.