Vulnerabilities > Easycorp > Zentao > 11.6.4

DATE CVE VULNERABILITY TITLE RISK
2023-06-20 CVE-2020-21268 Cross-site Scripting vulnerability in Easycorp Zentao 11.6.4
Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter.
network
low complexity
easycorp CWE-79
6.1
6.1
2021-08-12 CVE-2020-28165 Unrestricted Upload of File with Dangerous Type vulnerability in Easycorp Zentao
The EasyCorp ZenTao PMS 12.4.2 application suffers from an arbitrary file upload vulnerability.
network
low complexity
easycorp CWE-434
critical
 9.8
9.8