CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-30252

Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.1%

CVSS Severity

CVSS v3 Score 6.1

References

https://github.com/skit-cyber-security/ZenShare-Suite

Products affected by CVE-2026-30252

Interzen » Zencrm » Version: 17.0

cpe:2.3:a:interzen:zencrm:17.0
Interzen » Zenhr » Version: 17.0

cpe:2.3:a:interzen:zenhr:17.0
Interzen » Zenproject » Version: 17.0

cpe:2.3:a:interzen:zenproject:17.0
Interzen » Zenpurchase » Version: 17.0

cpe:2.3:a:interzen:zenpurchase:17.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-30252

Products

Pricing

Contact Us