CVE-2023-4672

MEDIUM

6.1

CVSS Severity Score

EPSS Score0.1970%

EPSS Percentile16.93th

PublishedDec 28, 2023

Last ModifiedMay 21, 2026

Vulnerability Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Talent Software ECOP allows Reflected XSS. This issue affects ECOP: before 32255.

Affected Platforms (CPE)

📦

Talentyazilim

Ecop

= 32255

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0737

🔗 https://www.usom.gov.tr/bildirim/tr-23-0737

Related Vulnerabilities

CVE-2023-46719.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talent Software ECOP allows ...

CVE-2023-20469.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yontem Informatics Vehicle T...

CVE-2023-29079.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Marksoft allows SQL Injectio...

CVE-2023-61909.8

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in İzmir Katip Çelebi University Univ...