2 matches found
CVE-2018-20339
Zoho ManageEngine OpManager 12.3 before build 123239 is affected by a stored XSS in the Notes column of the Alarms section. The vulnerability, documented across multiple sources (including CNVD and CVE entries), allows injection of JavaScript in alarms notes which could lead to session theft or e...
Zoho ManageEngine OpManager 12.3 Alarms Cross Site Scripting
I. VULNERABILITY ------------------------- Zoho ManageEngine OpManager 12.3 before build 123239 allows XSS in the Notes column of the Alarms section II. CVE REFERENCE ------------------------- CVE-2018-20339 III. VENDOR ------------------------- https://www.manageengine.com IV. TIMELINE...