Suraj Krishnaswami

**Name of the Vulnerable Software and Affected Versions** Zoho ManageEngine AssetExplorer version 6.1 service pack 6112 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via a Publisher registry entry. This occurs because the entry is not properly handled when the machine is scanned. **Recommendations** For Zoho ManageEngine AssetExplorer version 6.1 service pack 6112, consider disabling the scanning of Publisher registry entries until a patch is available to prevent exploitation of this issue.