PT-2023-21663 · Zoho · Zoho Manageengine Applications Manager
Da22Le
·
Published
2023-04-11
·
Updated
2023-04-14
·
CVE-2023-28340
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Zoho ManageEngine Applications Manager versions through 16320
Description
The issue allows an admin user to conduct an XXE attack.
Recommendations
For versions through 16320, update to a version that contains a fix for this issue to prevent XXE attacks.
Fix
XXE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zoho Manageengine Applications Manager