Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-46475

Published: 02/11/2023 Updated: 09/11/2023
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 0
Subscribe to Easycorp

Vulnerability Summary

A Stored Cross-Site Scripting vulnerability exists in ZenTao 18.3 where a user can create a project, and in the name field of the project, they can inject malicious JavaScript code.

Vulnerable Product Search on Vulmon Subscribe to Product

easycorp zentao 18.3

Github Repositories

https://github.com/elementalSec/CVE-Disclosures

CVE Disclosures

CVE Disclosures Welcome to the CVE disclosures section of this repository! Here, you'll find a list of potential security vulnerabilities that I have discovered while working on Free Open Source Software (FOSS) applications CVEs I Have Discovered Below is a list of all the CVEs that I have discovered Findings Description CVE-2023-46475 A Stored Cross-Site Scriptin

References

CWE-79https://github.com/easysoft/zentaopmshttps://github.com/elementalSec/CVE-Disclosures/blob/main/ZentaoPMS/CVE-2023-46475/CVE-2023-46475%20-%20Cross-Site%20Scripting%20%28Stored%29.mdhttps://nvd.nist.govhttps://github.com/elementalSec/CVE-Disclosures
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook