{"version":1,"pages":[{"id":"XXGClcqZKfoRNlJtlJiY","title":"OvalEdge 5.2.8.0 Vulnerability Disclosures","pathname":"/cve/ovaledge","siteSpaceId":"sitesp_y2ceT","emoji":"26a0","description":"Discoverer: Giovanni Heward"},{"id":"91x5jfGtefLDeN46hOPA","title":"Sensitive Data Exposure","pathname":"/cve/ovaledge/vulnerabilities/sensitive-data-exposure","siteSpaceId":"sitesp_y2ceT","emoji":"2757","description":"OvalEdge 5.2.8.0 and earlier is affected by multiple Sensitive Data Exposure vulnerabilities.","breadcrumbs":[{"label":"Vulnerabilities"}]},{"id":"LurXzMu88hYxv2r0A3Bk","title":"Account Takeover","pathname":"/cve/ovaledge/vulnerabilities/account-takeover","siteSpaceId":"sitesp_y2ceT","emoji":"203c","description":"OvalEdge 5.2.8.0 and earlier is affected by multiple account takeover vulnerabilities.","breadcrumbs":[{"label":"Vulnerabilities"}]},{"id":"SXDsM6lirJMqTZkJ8WJV","title":"Privilege Escalation","pathname":"/cve/ovaledge/vulnerabilities/privilege-escalation","siteSpaceId":"sitesp_y2ceT","emoji":"203c","description":"OvalEdge 5.2.8.0 and earlier is affected by privilege escalation vulnerabilities.","breadcrumbs":[{"label":"Vulnerabilities"}]},{"id":"WGA666X0SiGyVTwVteUx","title":"Stored XSS","pathname":"/cve/ovaledge/vulnerabilities/stored-xss","siteSpaceId":"sitesp_y2ceT","emoji":"2757","description":"OvalEdge 5.2.8.0 and earlier is affected by Stored XSS (AKA Persistent or Type II) vulnerabilities.","breadcrumbs":[{"label":"Vulnerabilities"}]},{"id":"EGulcsyl8kfC73b9gqAl","title":"Infor Global HR | Reflected Cross-Site Scripting (XSS) Disclosure","pathname":"/cve/infor","siteSpaceId":"sitesp_47Qs6","emoji":"26a0","description":"Discoverer: Paul Goodrich, Giovanni Heward, Adam Hainline, Tyler Gleave, Dan Gilbert"},{"id":"a7XrHbFAId3rdNbEiJH6","title":"Reflected XSS","pathname":"/cve/infor/vulnerability/reflected-xss","siteSpaceId":"sitesp_47Qs6","emoji":"2757","description":"Infor Global HR v11.23.03.00.21 and prior is affected by Reflected XSS (AKA Non-Persistent or Type I) vulnerability.","breadcrumbs":[{"label":"Vulnerability"}]},{"id":"lbNJPG3VCRWJ3y6gsxWi","title":"Insecure direct object references (IDOR)","pathname":"/cve/infor/vulnerability/insecure-direct-object-references-idor","siteSpaceId":"sitesp_47Qs6","emoji":"2757","description":"Infor Global HR 11.24.10.01.33 and prior are affected by an Insecure Direct Object Reference (IDOR) vulnerability.","breadcrumbs":[{"label":"Vulnerability"}]},{"id":"EGulcsyl8kfC73b9gqAl","title":"Cornerstone OnDemand LMS v24.2.5.32 | Insecure Direct Object Reference (IDOR) Disclosures","pathname":"/cve/cornerstone","siteSpaceId":"sitesp_DzSGx","emoji":"26a0","description":"Discoverer: Dan Gilbert, Giovanni Heward"},{"id":"a7XrHbFAId3rdNbEiJH6","title":"IDOR1","pathname":"/cve/cornerstone/vulnerabilities/idor1","siteSpaceId":"sitesp_DzSGx","emoji":"2757","description":"A Business Logic Vulnerability and Insecure Direct Object Reference (IDOR) was discovered in Cornerstone OnDemand LMS v24.2.5.32.","breadcrumbs":[{"label":"Vulnerabilities"}]},{"id":"B8SPDmnmcquj9mC1OufH","title":"IDOR2","pathname":"/cve/cornerstone/vulnerabilities/idor2","siteSpaceId":"sitesp_DzSGx","emoji":"2757","description":"A Business Logic Vulnerability and Insecure Direct Object Reference (IDOR) was discovered in Cornerstone OnDemand LMS v24.2.5.32.","breadcrumbs":[{"label":"Vulnerabilities"}]},{"id":"1CIzKGsyAd8SzlyDcsJF","title":"Performance Pro v3.19.17 | Reflected Cross-Site Scripting (XSS) Disclosures","pathname":"/cve/hr-performance-solutions","siteSpaceId":"sitesp_woKLa","emoji":"26a0","description":"Discoverer: Paul Goodrich, ..."},{"id":"a7XrHbFAId3rdNbEiJH6","title":"Reflected XSS - Employee Notes","pathname":"/cve/hr-performance-solutions/vulnerability/reflected-xss-employee-notes","siteSpaceId":"sitesp_woKLa","emoji":"2757","description":"Performance Pro v3.19.17 and earlier is affected by multiple Stored Cross-Site Scripting (XSS) vulnerabilities (Persistent/Type II)","breadcrumbs":[{"label":"Vulnerability"}]},{"id":"wTGQJo7L4LULxDGja8rN","title":"Reflected XSS - Future Goals","pathname":"/cve/hr-performance-solutions/vulnerability/reflected-xss-future-goals","siteSpaceId":"sitesp_woKLa","emoji":"2757","description":"Performance Pro v3.19.17 and earlier is affected by multiple Stored Cross-Site Scripting (XSS) vulnerabilities (Persistent/Type II)","breadcrumbs":[{"label":"Vulnerability"}]},{"id":"SlW1b0MGQx7MHDUmng2D","title":"Reflected XSS - Current Goals","pathname":"/cve/hr-performance-solutions/vulnerability/reflected-xss-current-goals","siteSpaceId":"sitesp_woKLa","emoji":"2757","description":"Performance Pro v3.19.17 and earlier is affected by multiple Stored Cross-Site Scripting (XSS) vulnerabilities (Persistent/Type II)","breadcrumbs":[{"label":"Vulnerability"}]}]}