← back
CVE-2023-46475

CVE-2023-46475

EPSS 0.4%
A Stored Cross-Site Scripting vulnerability was discovered in ZenTao 18.3 where a user can create a project, and in the name field of the project, they can inject malicious JavaScript code.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/easysoft/zentaopmshttps://github.com/elementalSec/CVE-Disclosures/blob/main/ZentaoPMS/CVE-2023-46475/CVE-2023-46475%20-%20Cross-Site%20Scripting%20%28Stored%29.md