PT-2024-13838 · Zoho · Zoho Manageengine Servicedesk Plus
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ServiceDesk Plus MSP versions prior to 14504 Description: The issue allows stored XSS via a task's name in a time sheet, which can be exploited by a low-privileged technician. Recommendations: For versions prior to 14504,...