CVE-2023-23074

Опубликовано: 01 фев. 2023

Источник: nvd

CVSS3: 6.1

EPSS Высокий

Описание

Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via embedding videos in the language component.

Конфигурация 1

Одно из

cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:-:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:14000:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:14001:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:14002:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:14003:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:14004:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:14005:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:14006:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.82781

Высокий

6.1 Medium

CVSS3

CWE-79

GHSA-q84g-j4pw-hjh5