CVE-2023-46376
https://notcve.org/view.php?id=CVE-2023-46376
Zentao Biz version 8.7 and before is vulnerable to Information Disclosure. Zentao Biz versión 8.7 y anteriores es vulnerable a la divulgación de información. • https://narrow-payment-2cd.notion.site/zentao-8-7-has-information-disclosure-vulnerability-CVE-2023-46376-537fae3936b84af583b51b74e6010dd7 • CWE-312: Cleartext Storage of Sensitive Information •
CVE-2023-46375
https://notcve.org/view.php?id=CVE-2023-46375
ZenTao Biz version 4.1.3 and before is vulnerable to Cross Site Request Forgery (CSRF). ZenTao Biz versión 4.1.3 y anteriores es vulnerable a Cross Site Request Forgery (CSRF). • https://narrow-payment-2cd.notion.site/zentao-4-1-3-is-vulnerable-to-csrf-CVE-2023-46375-2d9d9fc2371f483eb436af20508df915 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2023-46374
https://notcve.org/view.php?id=CVE-2023-46374
ZenTao Enterprise Edition version 4.1.3 and before is vulnerable to Cross Site Scripting (XSS). ZenTao Enterprise Edition versión 4.1.3 y anteriores es vulnerable a Cross Site Scripting (XSS). • https://narrow-payment-2cd.notion.site/ZenTao-4-1-3-is-vulnerable-to-Cross-Site-Scripting-xss-CVE-2023-46374-ebdc61e7a88443b481b649764ba66dee • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-46491
https://notcve.org/view.php?id=CVE-2023-46491
ZenTao Biz version 4.1.3 and before has a Cross Site Scripting (XSS) vulnerability in the Version Library. ZenTao Biz versión 4.1.3 y anteriores tiene una vulnerabilidad de Cross Site Scripting (XSS) en la librería de versiones. • https://foremost-smash-52a.notion.site/Zentao-Authorized-XSS-Vulnerability-CVE-2023-46491-eea8cbfe2fab4ea78a174e5275309759 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •