CVE-2025-27930

Опубликовано: 23 июл. 2025

Источник: nvd

CVSS3: 6.4

CVSS3: 5.4

EPSS Низкий

Описание

Zohocorp ManageEngine Applications Manager versions 176600 and prior are vulnerable to stored cross-site scripting in the File/Directory monitor.

Ссылки

https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2025-27930.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:zohocorp:manageengine_applications_manager:*:*:*:*:*:*:*:*

Версия до 17.6 (исключая)

cpe:2.3:a:zohocorp:manageengine_applications_manager:17.6:-:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_applications_manager:17.6:build176100:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_applications_manager:17.6:build176200:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_applications_manager:17.6:build176300:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_applications_manager:17.6:build176500:*:*:*:*:*:*

cpe:2.3:a:zohocorp:manageengine_applications_manager:17.6:build176600:*:*:*:*:*:*

EPSS

Процентиль: 1%

0.00009

Низкий

6.4 Medium

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-27930

redhat

5 месяцев назад

Zohocorp ManageEngine Applications Manager versions 176600 and prior are vulnerable to stored cross-site scripting in the File/Directory monitor.

GHSA-8h48-6654-j9p6

CVSS3: 6.4

github

5 месяцев назад

Zohocorp ManageEngine Applications Manager versions 176600 and prior are vulnerable to stored cross-site scripting in the File/Directory monitor.

EPSS

Процентиль: 1%

0.00009

Низкий

6.4 Medium

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79