1 results (0.002 seconds)

CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0

Zoho ManageEngine ServiceDesk Plus MSP before 14504 allows stored XSS (by a low-privileged technician) via a task's name in a time sheet. Zoho ManageEngine ServiceDesk Plus MSP anterior a 14504 permite almacenar XSS (por parte de un técnico con pocos privilegios) a través del nombre de una tarea en una hoja de horas. • https://manageengine.com https://www.manageengine.com/products/service-desk-msp/CVE-2023-49943.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •