CVE-2023-4672

MEDIUM

6.1

CVSS Severity Score

EPSS Score0.1970%

EPSS Percentile16.93th

Published2023年12月28日

Last Modified2026年5月21日

Vulnerability Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Talent Software ECOP allows Reflected XSS. This issue affects ECOP: before 32255.

Affected Platforms (CPE)

📦

Talentyazilim

Ecop

= 32255

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0737

🔗 https://www.usom.gov.tr/bildirim/tr-23-0737

相关漏洞威胁

CVE-2023-46719.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talent Software ECOP allows ...

CVE-2023-20649.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Minova Technology eTrace all...

CVE-2023-343629.8

MOVEit Transfer SQL Injection vulnerability allows unauthenticated attackers to gain unauthorized access to MOVEit Transfer's data...

CVE-2023-27139.8

Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module" developed by third-party for Ideasoft's E-comme...