Security Advisory

CVE-2022-38803

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-30 00:00:00

Last updated 2025-04-24 19:46:02

Assigner mitre

State PUBLISHED

Description

Zkteco BioTime < 8.5.3 Build:20200816.447 is vulnerable to Incorrect Access Control via Leave, overtime, Manual log. An authenticated employee can read local files by exploiting XSS into a pdf generator when exporting data as a PDF

← Browse all CVEs View on cve.org ↗