Lucene search
HistoryApr 26, 2023 - 9:15 p.m.
CVE-2023-29442
zoho
manageengine
applications manager
16400
xss
dom
proxy
nvd
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.3 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
72.1%
Zoho ManageEngine Applications Manager before 16400 allows proxy.html DOM XSS.
Affected configurations
Node
zohocorpmanageengine_applications_managerRange<16.3
ORzohocorpmanageengine_applications_managerMatch16.3build16300
ORzohocorpmanageengine_applications_managerMatch16.3build16310
ORzohocorpmanageengine_applications_managerMatch16.3build16320
ORzohocorpmanageengine_applications_managerMatch16.3build16330
ORzohocorpmanageengine_applications_managerMatch16.3build16340
ORzohocorpmanageengine_applications_managerMatch16.3build16350
ORzohocorpmanageengine_applications_managerMatch16.3build16360
ORzohocorpmanageengine_applications_managerMatch16.3build16361
ORzohocorpmanageengine_applications_managerMatch16.3build16370
ORzohocorpmanageengine_applications_managerMatch16.3build16380
ORzohocorpmanageengine_applications_managerMatch16.3build16390
| CPE | Name | Operator | Version |
|---|---|---|---|
| zohocorp:manageengine_applications_manager | zohocorp manageengine applications manager | lt | 16.3 |
Related
prion
prion
Cross site scripting
2023-04-26 21:15:00
cvelist
cvelist
CVE-2023-29442
2023-04-26 00:00:00
nvd
nvd
CVE-2023-29442
2023-04-26 21:15:08
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.3 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
72.1%
Related for CVE-2023-29442