Servicedesk Plus Security Vulnerabilities and Issues — Servicedesk Plus CVE List

Lucene search

ManageengineServicedesk Plus

3 matches found

CVE•added 2012/08/12 9:55 p.m.•61 views

CVE-2012-2585

Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ServiceDesk Plus 8.1 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS expression property ...

4.3CVSS5.8AI score0.00382EPSS

CVE•added 2015/02/04 4:59 p.m.•41 views

CVE-2015-1480

ZOHO ManageEngine ServiceDesk Plus (SDP) before 9.0 build 9031 allows remote authenticated users to obtain sensitive ticket information via a (1) getTicketData action to servlet/AJaxServlet or a direct request to (2) swf/flashreport.swf, (3) reports/flash/details.jsp, or (4) reports/CreateReportTab...

4CVSS6AI score0.1823EPSS

CVE•added 2011/09/20 10:55 a.m.•39 views

CVE-2011-1510

Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus (SDP) before 8012 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter.

4.3CVSS5.7AI score0.00329EPSS