4 matches found
CVE-2023-53985
Zstore, now referred to as Zippy CRM, 6.5.4 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through unvalidated input parameters. Attackers can submit crafted payloads in manual insertion points to execute arbitrary JavaScript code in...
CVE-2023-53985
CVE-2023-53985 affects Zstore (now Zippy CRM) version 6.5.4. A reflected cross-site scripting vulnerability exists due to unvalidated input parameters, allowing an attacker to inject and execute arbitrary JavaScript in a victim’s browser context. The CVSS metrics indicate network access with low ...
CVE-2023-53985 Zstore 6.5.4 - Reflected Cross-Site Scripting (XSS)
Zstore, now referred to as Zippy CRM, 6.5.4 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through unvalidated input parameters. Attackers can submit crafted payloads in manual insertion points to execute arbitrary JavaScript code in...
PT-2026-2417
Name of the Vulnerable Software and Affected Versions Zippy CRM version 6.5.4 Description The software contains a reflected cross-site scripting issue that enables attackers to inject malicious scripts via unvalidated input parameters. Attackers can submit crafted payloads in manual insertion...