ManageEngine_DesktopCentral.exe in Zoho ManageEngine Desktop Central 10 allows HTML injection on the user administration page via the description of a role.
Published March 23, 2020.
Zohocorp Manageengine Desktop Central
