Incomplete List of Disallowed Inputs in ManageEngine ServiceDesk Plus before version 11205 allows a remote, authenticated attacker to execute arbitrary commands with SYSTEM privileges.
[
{
"product": "ManageEngine ServiceDesk Plus",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Before 11205"
}
]
}
]