CVE-2023-46475

2023-11-0200:00:00

mitre

www.cve.org

zentao

stored cross-site scripting

vulnerability

0.0004 Low

EPSS

Percentile

14.0%

JSON

A Stored Cross-Site Scripting vulnerability was discovered in ZenTao 18.3 where a user can create a project, and in the name field of the project, they can inject malicious JavaScript code.

References

github.com/easysoft/zentaopms

github.com/elementalSec/CVE-Disclosures/blob/main/ZentaoPMS/CVE-2023-46475/CVE-2023-46475%20-%20Cross-Site%20Scripting%20%28Stored%29.md

0.0004 Low

EPSS

Percentile

14.0%

JSON

Related for CVELIST:CVE-2023-46475