CVE-2025-12872
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-12

Last updated on: 2025-11-12

Assigner: TWCERT/CC

Description
The a+HRD and a+HCM developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing authenticated remote attackers to upload files containing malicious JavaScript code, which will execute on the client side when a user is tricked into visiting a specific URL.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-12
Last Modified
2025-11-12
Generated
2026-06-16
AI Q&A
2025-11-12
EPSS Evaluated
2026-06-15
NVD
CVE-2025-12872
EUVD
EUVD-2025-119988
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
aenrich a+hrd 7.5
aenrich a+hcm 8.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-12872 is a Stored Cross-Site Scripting (XSS) vulnerability in the a+HRD (version 7.5 and earlier) and a+HCM (version 8.1) products developed by aEnrich. It allows authenticated remote attackers to upload files containing malicious JavaScript code. This malicious code then executes on the client side when a user is tricked into visiting a specific URL, potentially compromising the user's browser session or data. [1, 2]

Impact Analysis

This vulnerability can impact you by allowing attackers with valid authentication to upload malicious JavaScript files that execute in the browsers of users who visit a crafted URL. This can lead to unauthorized actions performed on behalf of the user, theft of sensitive information, session hijacking, or other malicious activities executed in the context of the affected web application. [1, 2]

Detection Guidance

Detection involves monitoring for files uploaded by authenticated users that contain malicious JavaScript code, as the vulnerability allows such files to be uploaded and executed when visited. Since this is a Stored Cross-Site Scripting vulnerability, you can scan the file upload directories or database entries for suspicious JavaScript code patterns. Additionally, monitoring web server logs for unusual URL access patterns that may trigger the malicious scripts can help. Specific commands are not provided in the resources, but general approaches include using web vulnerability scanners that detect stored XSS or using grep-like commands to search for <script> tags or suspicious JavaScript in uploaded files or database entries. [1, 2]

Mitigation Strategies

The recommended immediate mitigation is to upgrade the affected software to aEnrich version 6.8 or later and apply the latest patches provided by the vendor. Additionally, contacting aEnrich customer service for assistance is advised. These steps will address the Stored Cross-Site Scripting vulnerability in a+HRD and a+HCM products. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-12872. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart