Описание
A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code.
Ссылки
- ExploitThird Party Advisory
- Release NotesThird Party Advisory
- ExploitThird Party Advisory
- Release NotesThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.3:11306:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.20355
Средний
4.8 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
около 4 лет назад
A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code.
EPSS
Процентиль: 95%
0.20355
Средний
4.8 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79