Vulnerability Details CVE-2018-15169
A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager 13 before build 13820 allows remote attackers to inject arbitrary web script or HTML via the /deleteMO.do method parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.8%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://github.com/x-f1v3/ForCve/issues/3
- https://www.manageengine.com/products/applications_manager/issues.html
- https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2018-15169.html
- https://github.com/x-f1v3/ForCve/issues/3
- https://www.manageengine.com/products/applications_manager/issues.html
- https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2018-15169.html
Products affected by CVE-2018-15169
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.0
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.1
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.2
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.3
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.4
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.5
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.6
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.7
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.8
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:11.9
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.0
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.1
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.2
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.3
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.4
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.5
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.6
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.7
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.8
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:12.9
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:13
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.0
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.1
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.2
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.3
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.4
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.5
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.6
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.8
-
cpe:2.3:a:zohocorp:manageengine_applications_manager:13.9