PT-2018-15406 · Zoho Manageengine · Adselfservice Plus

Published

2018-12-26

·

Updated

2019-05-10

·

CVE-2018-20484

CVSS v3.1

6.1

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Zoho ManageEngine ADSelfService Plus version 5.7 before build 5702
Description The issue concerns an XSS in the self-update layout implementation.
Recommendations For Zoho ManageEngine ADSelfService Plus version 5.7 before build 5702, update to build 5702 or later to resolve the issue.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2018-20484

Affected Products

Adselfservice Plus