CVE-2024-35432
May 30, 2024, 6:19 p.m.
Tags
Product(s) Impacted
ZKTeco ZKBio CVSecurity
- 6.1.1
ZKBio CVSecurity
- 6.1.1
Description
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Cross Site Scripting (XSS) via an Audio File. An authenticated user can injection malicious JavaScript code to trigger a Cross Site Scripting.
Weaknesses
Date
Published: May 30, 2024, 4:15 p.m.
Last Modified: May 30, 2024, 6:19 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org
References
https://github.com/
cve@mitre.org