9 matches found
CVE-2023-23078
Cross site scripting XSS vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via the comment field when changing the credentials in the Assets...
CVE-2023-23074
Cross site scripting XSS vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via embedding videos in the language component...
CVE-2023-23074
Cross site scripting XSS vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via embedding videos in the language component...
Cross site scripting
Cross site scripting XSS vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via the comment field when changing the credentials in the Assets...
Cross site scripting
Cross site scripting XSS vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via PO in the purchase component...
Cross site scripting
Cross site scripting XSS vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via embedding videos in the language component...
CVE-2023-23073
CVE-2023-23073 affects Zoho ManageEngine ServiceDesk Plus 14, with a cross-site scripting (XSS) vulnerability exposed via the purchase order (PO) in the purchase component. Connected documents confirm the issue in SDP 14 (and pre-14.1 MSP/SDP variants) and describe the root cause as an XSS flaw i...
CVE-2023-23078
Summary: CVE-2023-23078 is a cross-site scripting (XSS) vulnerability reported in Zoho ManageEngine ServiceDesk Plus 14, exploitable via the comment field when changing credentials in the Assets. Connected sources (Red Hat, Nessus, CVE lists) corroborate an XSS issue affecting SDP/Asset-related c...
CVE-2023-23074
CVE-2023-23074 is a cross-site scripting (XSS) vulnerability affecting Zoho ManageEngine ServiceDesk Plus 14, caused by embedding videos in the language component. Public sources from Red Hat and Nessus identify affected versions as ServiceDesk Plus prior to 14.1 Build 14104. The CVSS v3.1 base s...