RedTeam Pentesting discovered a cross site scripting vulnerability in rexx Recruitment's user registration page during a penetration test. If attackers can persuade users to click on a prepared link or redirected them to such a link from an attacker-controlled website, they are able to run arbitrary JavaScript code in the context of the rexx Recruitment installation's domain.
2b99dd93bd3ef7fa35d56eedd30ce42a17be27a43d0080a86eaa47f243c72d0b