3 matches found
CVE-2018-19921
Zoho ManageEngine OpManager 12.3 before 123237 has XSS in the domain controller...
Zoho ManageEngine OpManager 12.3 Cross Site Scripting
I. VULNERABILITY ------------------------- Zoho ManageEngine OpManager 12.3 before Build 123237 has XSS via the domainController API. II. CVE REFERENCE ------------------------- CVE-2018-19921 III. VENDOR ------------------------- https://www.manageengine.com IV. TIMELINE ------------------------...
CVE-2018-19921
CVE-2018-19921 affects Zoho ManageEngine OpManager 12.3 before build 123237. A cross-site scripting (XSS) flaw exists in the domain controller component, exposed via the domainController API. Exploitation could enable a remote attacker to inject script or HTML, potentially compromising user sessi...