skit-cyber-security/ZenShare-Suite

skit-cyber-security/ZenShare-Suite

Releases0

Stars1

The ZenShare Suite application is vulnerable by a Reflected Cross-Site Scripting (XSS) vulnerability, affecting web application login and recovery password functionalities.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-30251 ↗	Apr 2, 2026Thursday, 2 April 2026, 21:16	6.1 MEDIUM	—
A reflected cross-site scripting (XSS) vulnerability in the login_newpwd.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda parameter.
CVE-2026-30252 ↗	Apr 2, 2026Thursday, 2 April 2026, 21:16	6.1 MEDIUM	—
Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters.