A vulnerability was found in ZKTeco BioTime up to 9.5.2. It has been classified as problematic. Affected is an unknown function of the component system-group-add Handler. The manipulation of the argument user with the input <script>alert('XSS')</script> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-270366 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2024-07-05T11:00:05.305Z
Updated: 2024-08-01T21:41:03.907Z
Reserved: 2024-07-05T04:43:29.170Z
Link: CVE-2024-6523
Vulnrichment
Updated: 2024-08-01T21:41:03.907Z
NVD
Status : Modified
Published: 2024-07-05T11:15:10.740
Modified: 2024-11-21T09:49:47.960
Link: CVE-2024-6523
Redhat
No data.