6 matches found
CVE-2023-33387
A reflected cross-site scripting XSS vulnerability in DATEV eG Personal-Management System Comfort/Comfort Plus v15.1.0 to v16.1.1 P4 allows attackers to steal targeted users' login data by sending a crafted link...
Cross site scripting
A reflected cross-site scripting XSS vulnerability in DATEV eG Personal-Management System Comfort/Comfort Plus v15.1.0 to v16.1.1 P4 allows attackers to steal targeted users' login data by sending a crafted link...
CVE-2023-33387
A reflected cross-site scripting XSS vulnerability in DATEV eG Personal-Management System Comfort/Comfort Plus v15.1.0 to v16.1.1 P4 allows attackers to steal targeted users' login data by sending a crafted link...
PT-2023-24328 · Datev Eg · Datev Eg Personal-Management System Comfort/Comfort Plus
Name of the Vulnerable Software and Affected Versions: DATEV eG Personal-Management System Comfort/Comfort Plus versions 15.1.0 through 16.1.1 P4 Description: A reflected cross-site scripting issue allows attackers to steal targeted users' login data by sending a crafted link. Recommendations: Fo...
CVE-2023-33387
CVE-2023-33387 is a reflected cross-site scripting (XSS) vulnerability in DATEV eG Personal-Management System Comfort/Comfort Plus, affected versions 15.1.0 through 16.1.1 P4. The flaw enables an attacker to steal targeted users’ login data by enticing them to click a crafted link. The CVE has a ...
DATEV eG ActiveX code execution
ExecuteExe unsafe method allows code execution...