CVE-2019-11032

In EasyToRecruit (E2R) before 2.11, the upload feature and the Candidate Profile Management feature are prone to Cross Site Scripting (XSS) injection in multiple locations.
Source: NIST
CVE-2019-11032