5 matches found
Server side request forgery (ssrf)
A Server-side request forgery SSRF vulnerability in the ProductConfig servlet in Zoho ManageEngine ADSelfService Plus through 6013 allows a remote unauthenticated attacker to perform blind HTTP requests or perform a Cross-site scripting XSS attack against the administrative interface via an HTTP...
CVE-2021-27214
CVE-2021-27214 concerns Zoho ManageEngine ADSelfService Plus, where the ProductConfig servlet (through build 6013) is vulnerable to server-side request forgery (SSRF). An unauthenticated remote attacker can trigger blind HTTP requests or, per description, perform a cross-site scripting (XSS) atta...
RHEL 7 : OpenShift Container Platform 3.11 atomic-openshift (RHSA-2019:3905)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3905 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
CVE-2019-3905
Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF...
CVE-2019-3905
CVE-2019-3905 affects Zoho ManageEngine ADSelfService Plus 5.x prior to build 5703. The vulnerability is an SSRF issue in the product, enabling an attacker to trigger server-side requests via crafted input. Public references in the connected documents confirm the issue was fixed by Build 5703 (re...