3 matches found
CVE-2022-38803
creationtimestamp| type| source ---|---|--- 2022-11-30 16:29:15+00:00| seen| https://t.me/cibsecurity/53720...
CVE-2022-38803
Zkteco BioTime 8.5.3 Build:20200816.447 is vulnerable to Incorrect Access Control via Leave, overtime, Manual log. An authenticated employee can read local files by exploiting XSS into a pdf generator when exporting data as a PDF...
CVE-2022-38803
The CVE-2022-38803 issue affects Zkteco BioTime prior to 8.5.3 Build 20200816.447. Root cause: Incorrect Access Control allowing an authenticated user to cause cross-site scripting in the PDF export generator, enabling reading of local files when exporting data as a PDF. Impact: confidentiality o...