CVE-2024-38870 Stored XSS

🗓️ 17 Jul 2024 16:48:58Reported by ManageEngineType

Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and OpManager Enterprise Edition versions before 128104, from 128151 before 128238, from 128247 before 128250 are vulnerable to Stored XSS vulnerability in reports module

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2024-38870	17 Jul 202419:53	–	circl
CVE	CVE-2024-38870	17 Jul 202416:48	–	cve
EUVD	EUVD-2024-37654	3 Oct 202520:07	–	euvd
Tenable Nessus	ManageEngine OpManager XSS (CVE-2024-38870)	19 Jul 202400:00	–	nessus
NVD	CVE-2024-38870	17 Jul 202417:15	–	nvd
RedhatCVE	CVE-2024-38870	23 May 202510:24	–	redhatcve
Vulnrichment	CVE-2024-38870 Stored XSS	17 Jul 202416:48	–	vulnrichment

[
  {
    "collectionURL": "https://www.manageengine.com/network-monitoring/",
    "defaultStatus": "unaffected",
    "product": "OpManager, OpManager Plus, OpManager MSP, OpManager Enterprise Edition",
    "vendor": "ManageEngine",
    "versions": [
      {
        "lessThan": "128104",
        "status": "affected",
        "version": "0",
        "versionType": "128104"
      },
      {
        "lessThan": "128238",
        "status": "affected",
        "version": "128151",
        "versionType": "128238"
      },
      {
        "lessThan": "128250",
        "status": "affected",
        "version": "128247",
        "versionType": "128250"
      }
    ]
  }
]

Source	Link
manageengine	www.manageengine.com/network-monitoring/security-updates/cve-2024-38870.html

17 Jul 2024 16:48Current

CVSS 3.13.5

EPSS0.00063

CWE-79

zohocorp opmanager xss storedvulnerability 128104 128151 128238 128247 128250 reportsmodule