Описание
ManageEngine_DesktopCentral.exe in Zoho ManageEngine Desktop Central 10 allows HTML injection on the user administration page via the description of a role.
ManageEngine_DesktopCentral.exe in Zoho ManageEngine Desktop Central 10 allows HTML injection on the user administration page via the description of a role.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-15510
- https://www.esecforte.com/responsible-vulnerability-disclosure-cve-2019-15510-manageengine-desktopcentral-v-10-vulnerable-to-html-injection
- https://www.manageengine.com/products/desktop-central/download.html
- https://www.manageengine.com/products/desktop-central/html-injection.html
Связанные уязвимости
CVSS3: 6.1
nvd
почти 6 лет назад
ManageEngine_DesktopCentral.exe in Zoho ManageEngine Desktop Central 10 allows HTML injection on the user administration page via the description of a role.