CVE-2023-51157 Information

Description

Cross Site Scripting vulnerability in ZKTeco WDMS v.5.1.3 Pro allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the Emp Name parameter.

Reference

https://infosecwriteups.com/xss-store-in-zkteco-welcome-to-wdms-3d5c8e1113f0