CVE-2026-38569 | HireFlow 1.2 candidate_detail.html cross site scripting

May 11, 2026 Yanac

A vulnerability was found in HireFlow 1.2. It has been classified as problematic. The affected element is an unknown function of the file candidate_detail.html. This manipulation causes cross site scripting.

This vulnerability is handled as CVE-2026-38569. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More

CVE-2026-45002 | OpenClaw up to 2026.4.19 authorization (GHSA-2xcp-x87w-q377)
CVE-2026-42842 | getgrav grav/grav-plugin-form cross site scripting (GHSA-c2q3-p4jr-c55f)