Vulnerability Details CVE-2024-35432
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Cross Site Scripting (XSS) via an Audio File. An authenticated user can injection malicious JavaScript code to trigger a Cross Site Scripting.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.9%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2024-35432
-
cpe:2.3:a:zkteco:zkbio_cvsecurity:6.1.1