CVE-2025-51989

None

Description

HTML injection vulnerability in the registration interface in Evolution Consulting Kft. HRmaster module v235 allows an attacker to inject HTML tags into the "keresztnév" (firstname) field, which will be sent out in an email resulting in possible Phishing scenarios against any, previously not registered, email address.

INFO

Published Date :

2025-08-21T00:00:00.000Z

Last Modified :

2025-08-22T13:42:50.545Z

Source :

mitre

AFFECTED PRODUCTS

The following products are affected by CVE-2025-51989 vulnerability.

Vendors	Products
Evolution Consulting	Hrmaster

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-51989.

URL	Resource
http://evolution.com
http://hrmaster.com
https://github.com/Apor/Vulnerabilities/tree/main/CVE-2025-51989
https://hrmaster.hu/modulok/toborzas-es-kivalasztas
https://www.evolution-consulting.hu/

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact