Описание
Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via PO in the purchase component.
Ссылки
- Not ApplicableVendor Advisory
- Not ApplicableVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:-:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:14000:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:14001:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:14002:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:14003:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:14004:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:14005:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:14006:*:*:*:*:*:*
EPSS
Процентиль: 96%
0.23807
Средний
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
около 3 лет назад
Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via PO in the purchase component.
EPSS
Процентиль: 96%
0.23807
Средний
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79