Vulnerabilities > Datev > EG Personal Management System Comfort Comfort Plus > 16.1.1

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-22	CVE-2023-33387	Cross-site Scripting vulnerability in Datev EG Personal-Management System Comfort/Comfort Plus 16.1.1 A reflected cross-site scripting (XSS) vulnerability in DATEV eG Personal-Management System Comfort/Comfort Plus v15.1.0 to v16.1.1 P4 allows attackers to steal targeted users' login data by sending a crafted link. network low complexity datev CWE-79	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.