CVE-2019-11032

In EasyToRecruit (E2R) before 2.11, the upload feature and the Candidate Profile Management feature are prone to Cross Site Scripting (XSS) injection in multiple locations. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt