2 matches found
CVE-2023-46475
A Stored Cross-Site Scripting vulnerability was discovered in ZenTao 18.3 where a user can create a project, and in the name field of the project, they can inject malicious JavaScript code...
CVE-2023-46475
CVE-2023-46475 – ZenTao PMS 18.3 stored XSS. Affected software is ZenTao PMS version 18.3. The vulnerability occurs in the project creation flow, specifically the project name field, where unsanitized input can inject JavaScript. Impact is that malicious code could run in an affected user’s brows...