lemeconsultoria HCM galera.app Cross-Site Scripting Vulnerability

Vulnerability

A Cross-Site Scripting (XSS) vulnerability has been identified in lemeconsultoria HCM galera.app version 4.58.0. This vulnerability allows an attacker to execute arbitrary code by exploiting multiple components within the application. Affected components include Strategic Planning Perspective Registration, Training Request, Perspective Editing, Education Registration, Hierarchical Level Registration, Decision Level Registration, Perspective Registration, Company Group Registration, Company Registration, News Registration, Employee Editing, Goal Team Registration, Learning Resource Type Registration, Learning Resource Family Registration, Learning Resource Supplier Registration, and Cycle Maintenance.

Impact

Exploitation of this vulnerability allows for Cross-Site Scripting, where an attacker can execute arbitrary code in the context of the user's browser.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

lemeconsultoria HCM galera.app Cross-Site Scripting Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating