CVE-2023-38333

Name of the Vulnerable Software and Affected Versions Zoho ManageEngine Applications Manager versions through 16530

Description The issue is related to the failure to protect the web page structure, allowing a remote attacker to conduct a cross-site scripting attack and execute arbitrary code. This can be achieved through reflected XSS while logged in. The estimated number of potentially affected devices worldwide is not specified.

Recommendations For versions through 16530, update to a version that includes the fix for this issue to prevent reflected XSS attacks. As a temporary workaround, consider restricting access to sensitive features or pages that may be vulnerable to cross-site scripting attacks until a patch is available.