An issue in ZenTao Community Edition v.18.6 and before, ZenTao Biz v.8.6 and before, ZenTao Max v.4.7 and before allows an attacker to execute arbitrary code via a crafted script to the Office Conversion Settings function.
{ "versions": [ { "introduced": "0" }, { "last_affected": "18.6" } ] }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-44827.json"
[ { "events": [ { "introduced": "0" }, { "last_affected": "8.6" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.7" } ] } ]