Filtered by vendor Zippy
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-53985 | 1 Zippy | 1 Zstore | 2026-01-14 | 6.1 Medium |
| Zstore, now referred to as Zippy CRM, 6.5.4 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through unvalidated input parameters. Attackers can submit crafted payloads in manual insertion points to execute arbitrary JavaScript code in victim's browser context. | ||||
| CVE-2023-24648 | 1 Zippy | 1 Zstore | 2025-03-21 | 6.1 Medium |
| Zstore v6.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /index.php. | ||||
Page 1 of 1.