2 matches found
CVE-2023-1609
A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4. It has been rated as problematic. This issue affects the function save of the file /api/admin/store/product/save. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to...
CVE-2023-1609
CVE-2023-1609 affects Zhong Bang CRMEB Java up to 1.3.4. The issue resides in the /api/admin/store/product/save function, enabling cross-site scripting via the save endpoint with remote attack capability. Public disclosures exist (VDB-223739). A practical workaround from PT-2023-17115 suggests te...