CVE-2023-51157

None

Description

Cross Site Scripting vulnerability in ZKTeco WDMS v.5.1.3 Pro allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the Emp Name parameter.

INFO

Published Date :

2024-09-25T00:00:00.000Z

Last Modified :

2024-09-25T19:47:50.485Z

Source :

mitre

AFFECTED PRODUCTS

The following products are affected by CVE-2023-51157 vulnerability.

Vendors	Products
Zkteco	Wdms Wdms Pro

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-51157.

URL	Resource
https://infosecwriteups.com/xss-store-in-zkteco-welcome-to-wdms-3d5c8e1113f0

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact