CVE-2023-1609

Summary

A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4. It has been rated as problematic. This issue affects the function save of the file /api/admin/store/product/save. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223739.

Affected Software

VendorProductVersion RangeStatus
Zhong BangCRMEB Java1.3.0affected
Zhong BangCRMEB Java1.3.1affected
Zhong BangCRMEB Java1.3.2affected
Zhong BangCRMEB Java1.3.3affected
Zhong BangCRMEB Java1.3.4affected

Weaknesses

  • CWE-79: CWE-79 Cross Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References