Zentao Authorized XSS Vulnerability(CVE-2023-46491)


ZentaoPMS Introduction

ZentaoPMS (Zen Project Management System) is an open-source project management and collaboration tool designed to help teams plan, track, and complete projects. It is a professional project management platform suitable for organizations of all sizes, from small and medium-sized enterprises to large enterprises. Some important features and functions of ZentaoPMS.

Vulnerability Description

ZenTao Biz <= 4.1.3 has an authenticated Cross Site Scripting (XSS) vulnerability, tracked as CVE-2023-46491.

Vulnerability principle and reproduction

In the "Integration -> Version Library (repository) -> Client" function of ZenTao Biz 4.1.3, user-supplied input is neither filtered on write nor encoded when it is rendered back into the page, so arbitrary JavaScript can be executed in the browser of anyone who views that page. As the "Authorized" in the title indicates, reaching this form requires a logged-in account with access to the integration settings.
The payload, inserted into the client parameter, executes successfully:

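As an added illustration, not code from the post or from ZenTao itself, the snippet below models in JavaScript the pattern the post describes (a stored setting interpolated into markup with no encoding) beside two hardening layers: output encoding for the HTML attribute context, and a conservative input check on the client field, which is meant to hold a path to an SVN/Git executable. The field name, function names, sample payload and allowed path alphabet are all assumptions; the sample payload is constructed for the demonstration and is not the payload used in the post.

```javascript
// Added example (not ZenTao code). Models an unencoded "client" setting
// being rendered into an admin form, and two independent fixes.

// Minimal HTML escaper covering the characters that matter in text and
// double-quoted attribute contexts.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable rendering: the stored value is interpolated straight into markup,
// which is the behaviour the post attributes to the client field.
function renderClientFieldUnsafe(client) {
  return `<input type="text" name="client" value="${client}">`;
}

// Hardened rendering: the value is encoded for the attribute it lands in.
function renderClientFieldSafe(client) {
  return `<input type="text" name="client" value="${escapeHtml(client)}">`;
}

// Second layer, applied on write: a client path only needs letters, digits,
// path separators, spaces, dots, colons, hyphens and underscores (assumed alphabet).
const CLIENT_PATH_RE = /^[A-Za-z0-9_.:\\\/ \-]{1,255}$/;
function isValidClientPath(client) {
  return CLIENT_PATH_RE.test(String(client));
}

// Heuristic check on rendered markup: a single <input> tag contains exactly
// one '<'; any extra '<' means the value broke out of the attribute.
function attributeBrokenOut(html) {
  return (html.match(/</g) || []).length > 1;
}

// Constructed sample payload (not the payload from the post): closes the
// attribute and opens a new element with an event handler.
const SAMPLE_PAYLOAD = '"><img src=x onerror=alert(1)>';

function demo() {
  return {
    unsafe: renderClientFieldUnsafe(SAMPLE_PAYLOAD),
    safe: renderClientFieldSafe(SAMPLE_PAYLOAD),
    payloadRejected: !isValidClientPath(SAMPLE_PAYLOAD),
    realPathAccepted: isValidClientPath('/usr/bin/git'),
  };
}

console.log(demo());
```

Output encoding is the fix that actually closes the bug, because the same stored value may be rendered in more than one place; the input check is defence in depth that also catches accidental garbage in a field that should only ever hold a path.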

Statement: Hack All Sec's blog | All rights reserved, violators will be prosecuted | Unless otherwise noted, all content is original | This site is licensed under the BY-NC-SA agreement.

