CVE ID :CVE-2016-20032 Published : March 15, 2026, 1:35 p.m. | 1 hour, 57 minutes ago Description :ZKTeco ZKAccess Security System 5.3.1 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads through the 'holiday_name' and 'memo' POST parameters. Attackers can submit crafted requests with script code in these parameters to compromise user browser sessions and steal sensitive information. Severity: 7.2 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...