Lucene search

K

[email protected]NVD:CVE-2024-35432

HistoryMay 30, 2024 - 4:15 p.m.

CVE-2024-35432

2024-05-3016:15:10

[email protected]

web.nvd.nist.gov

zkbio cvsecurity 6.1.1

cross site scripting

audio file

5.9 Medium

AI Score

Confidence

High

0 Low

EPSS

Percentile

0.0%

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Cross Site Scripting (XSS) via an Audio File. An authenticated user can injection malicious JavaScript code to trigger a Cross Site Scripting.

References

github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35432.md

5.9 Medium

AI Score

Confidence

High

0 Low

EPSS

Percentile

0.0%

Related for NVD:CVE-2024-35432