2 matches found
CVE-2023-23073
Cross site scripting XSS vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via PO in the purchase component...
CVE-2023-23073
CVE-2023-23073 affects Zoho ManageEngine ServiceDesk Plus 14, with a cross-site scripting (XSS) vulnerability exposed via the purchase order (PO) in the purchase component. Connected documents confirm the issue in SDP 14 (and pre-14.1 MSP/SDP variants) and describe the root cause as an XSS flaw i...