CVE-2025-3706 – 104 Corporation eHRMS Reflected Cross-site Scripting Vulnerability

April 28, 2025

CVE ID : CVE-2025-3706

Published : April 28, 2025, 3:15 a.m. | 5 hours, 13 minutes ago

Description : The eHRMS from 104 Corporation has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user’s browser through phishing attacks.

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3997 – Dazhouda lecms Cross-Site Request Forgery (CSRF) Vulnerability

Next Article CVE-2025-3996 – TOTOLINK N150RT Cross-Site Scripting Vulnerability

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

Minecraft Vibrant Visuals finally has a release date and it’s dropping with the Happy Ghasts

QAQ-QQ-AI-QUEST

QAQ-QQ-AI-QUEST

JS Dark Arts: Abusing prototypes and the Result type

Helpful Git Aliases To Maximize Developer Productivity

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

CVE-2025-3706 – 104 Corporation eHRMS Reflected Cross-site Scripting Vulnerability

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

More From Our Main Blog: The Good, the Bad and the Ugly in Cybersecurity – Week 24

DslogdRAT Malware: A Sneaky Cyberattack Exploiting Ivanti ICS Zero-Day

Microsoft is bringing back seconds to Windows 10 Clock after outrage

⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs

CVE-2025-47686 – DELUCKS SEO Cross-site Scripting

Multi-account support for Amazon SageMaker HyperPod task governance

Black Mirror’s creator was so addicted to Balatro last year it’s made it into the Netflix show

Mapping the misuse of generative AI

CVE-2025-4538 – KKFileView Unrestricted File Upload Vulnerability

CVE-2025-3706 – 104 Corporation eHRMS Reflected Cross-site Scripting Vulnerability

Related Posts