4 matches found
CVE-2022-24681
Zoho ManageEngine ADSelfService Plus before 6121 allows XSS via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password screen...
PT-2023-28366 · Sap · Sap Commerce Cloud
Name of the Vulnerable Software and Affected Versions: SAP Commerce Cloud versions HY COM 1905 through HY COM 2205, COM CLOUD 2211 Description: A locked B2B user can misuse the forgotten password functionality to un-block their user account again and re-gain access if SAP Commerce Cloud -...
CVE-2022-24681
Zoho ManageEngine ADSelfService Plus before 6121 allows XSS via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password screen...
Zoho Corporation ADSelfService Plus 跨站脚本漏洞
Zoho Corporation ADSelfService Plus is a single management platform from Zoho Corporation, Inc. for complete self-service password management. Zoho Corporation ADSelfService Plus suffers from a cross-site scripting vulnerability that originates from Reset Password, Unlock Account and User Must...