Zoho ManageEngine ADSelfService Plus before 6104 allows stored XSS on the /webclient/index.html#/directory-search user search page via the e-mail address field.
2021-05-20T18:15:07.600
2024-11-21T05:58:54.973
Modified
CVSSv3.1: 6.1 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | zohocorp | manageengine_adselfservice_plus | < 6.1 | Yes |
Application | zohocorp | manageengine_adselfservice_plus | 6.1 | Yes |
Application | zohocorp | manageengine_adselfservice_plus | 6.1 | Yes |
Application | zohocorp | manageengine_adselfservice_plus | 6.1 | Yes |