CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-17596

In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was discovered in the 6.2.0 version via the /AssetDef.do ciName or assetName parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.02

EPSS Ranking 82.7%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://packetstormsecurity.com/files/149597/ManageEngine-AssetExplorer-6.2.0-Cross-Site-Scripting.html
http://packetstormsecurity.com/files/149597/ManageEngine-AssetExplorer-6.2.0-Cross-Site-Scripting.html

Products affected by CVE-2018-17596

Zohocorp » Manageengine Assetexplorer » Version: 6.2.0

cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-17596

Products

Pricing

Contact Us