Lucene search
ManageEngineCVELIST:CVE-2024-36038HistoryJun 24, 2024 - 11:45 a.m.
CVE-2024-36038 Stored XSS
2024-06-2411:45:11
CWE-79
ManageEngine
www.cve.org
12
zoho manageengine
itom
stored xss
version 128234
version 128248
proxy server vulnerability
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
EPSS
0
Percentile
9.1%
Zoho ManageEngine ITOM products versions fromΒ 128234 to 128248 are affected by the stored cross-site scripting vulnerability in the proxy server option.
CNA Affected
[
{
"collectionURL": "https://www.manageengine.com/network-monitoring/download.html",
"cpes": [
"cpe:2.3:a:zohocorp:manageengine_opmanager_plus:12.8:build128248:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux"
],
"product": "OpManager",
"vendor": "ManageEngine",
"versions": [
{
"lessThan": "128248",
"status": "affected",
"version": "128234",
"versionType": "128248"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-36038 Stored XSS
2024-06-24 11:45:11
nvd
nvd
CVE-2024-36038
2024-06-24 12:15:09
nessus
nessus
ManageEngine OpManager XSS (CVE-2024-36038)
2024-06-27 00:00:00
cve
cve
CVE-2024-36038
2024-06-24 12:15:09
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
EPSS
0
Percentile
9.1%
Related for CVELIST:CVE-2024-36038