What is GHSA-ppff-2mf4-jfqq?

GHSA-ppff-2mf4-jfqq is a security advisory published by GitHub Security Advisories with Low severity. A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Affected by...

Which CVE IDs does GHSA-ppff-2mf4-jfqq cover?

GHSA-ppff-2mf4-jfqq covers the following CVE IDs: CVE-2026-12129. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-ppff-2mf4-jfqq?

GHSA-ppff-2mf4-jfqq has a CVSS v3 base score of 3.5, published by GitHub Security Advisories.

GHSA-ppff-2mf4-jfqqLowCVSS 3.5

A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Affected by...

Vendor

GitHub Security Advisories

Published

June 12, 2026

Last Modified

June 12, 2026

🔗 CVE IDs covered (1)

CVE-2026-12129 →

📋 Description

A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/add_tod of the component Dashboard Interface. The manipulation of the argument todo_data leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly available and might be used.

🔗 References (8)

https://nvd.nist.gov/vuln/detail/CVE-2026-12129
https://codeastro.com
https://github.com/ashikmd0507/CVE/tree/main/Stored-XSS-via-TO-DO-LIST
https://vuldb.com/cve/CVE-2026-12129
https://vuldb.com/submit/837196
https://vuldb.com/vuln/370614
https://vuldb.com/vuln/370614/cti
https://github.com/advisories/GHSA-ppff-2mf4-jfqq