CVE-2023-44827 Information

Description

An issue in ZenTao Community Edition v.18.6 and before ZenTao Biz v.8.6 and before ZenTao Max v.4.7 and before allows an attacker to execute arbitrary code via a crafted script to the Office Conversion Settings function.

Reference

https://spotted-topaz-6aa.notion.site/Zentao-Authorized-Remote-Code-Execution-Vulnerability-CVE-2023-44827-be731cbe8607496cae35c08cb9ba2436