Security Advisory
CVE-2024-35432
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Cross Site Scripting (XSS) via an Audio File. An authenticated user can injection malicious JavaScript code to trigger a Cross Site Scripting.