Lucene search

CVE-2023-23078

🗓️ 01 Feb 2023 20:12:15Reported by mitreType

Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via the comment field when changing the c.

Reporter	Title	Published	Views	Family All 6
Cvelist	CVE-2023-23078	1 Feb 202300:00	–	cvelist
Tenable Nessus	ManageEngine ServiceDesk Plus MSP < 14.0 Build 14000	15 Nov 202300:00	–	nessus
Tenable Nessus	ManageEngine AssetExplorer < 6.9 Build 6987	15 Nov 202300:00	–	nessus
Tenable Nessus	ManageEngine ServiceDesk Plus < 14.1 Build 14103	15 Nov 202300:00	–	nessus
Prion	Cross site scripting	1 Feb 202320:15	–	prion
NVD	CVE-2023-23078	1 Feb 202320:15	–	nvd

Nvd

Node

zohocorp manageengine_servicedesk_plusMatch14.0-

zohocorp manageengine_servicedesk_plusMatch14.014000

zohocorp manageengine_servicedesk_plusMatch14.014001

zohocorp manageengine_servicedesk_plusMatch14.014002

zohocorp manageengine_servicedesk_plusMatch14.014003

zohocorp manageengine_servicedesk_plusMatch14.014004

zohocorp manageengine_servicedesk_plusMatch14.014005

zohocorp manageengine_servicedesk_plusMatch14.014006

Source	Link
bugbounty	www.bugbounty.zohocorp.com/bb/
manageengine	www.manageengine.com/products/service-desk/CVE-2023-23078.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

01 Feb 2023 20:15Current

6Medium risk

Vulners AI Score6

CVSS36.1

EPSS0.00284

CWE-79