MinthcmCVEs & Vulnerabilities
3 CVEs affecting Minthcm products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
3 CVEs→ All vendors
Most Affected Products
minthcm 3
CVE-2024-36656MEDIUM
In MintHCM 4.0.3, a registered user can execute arbitrary JavaScript code and achieve a reflected Cross-site Scripting (XSS) attack.
14 Jun 2024
6.1
CVSS
CVE-2021-25839CRITICAL
A weak password requirement vulnerability exists in the Create New User function of MintHCM RELEASE 3.0.8, which could lead an attacker to easier password brute-forcing.
26 Apr 2021
9.8
CVSS
CVE-2021-25838MEDIUM
The Import function in MintHCM RELEASE 3.0.8 allows an attacker to execute a cross-site scripting (XSS) payload in file-upload.
26 Apr 2021
6.1
CVSS
← PrevPage 1 / 1Next →