Vulnerability CVE-2022-38801
Published: 2022-11-30

Description:
In Zkteco BioTime < 8.5.3 Build:20200816.447, an employee can hijack an administrator session and cookies using blind cross-site scripting.

 References:
https://www.zkteco.com/
https://gist.github.com/hamoshwani/5ac860dd6757440174f446c62b24653f
Copyright 2026, cxsecurity.com

 

Back to Top