CVE-2018-16833: XSS
First published: Fri Sep 21 2018(Updated: )
Zoho ManageEngine Desktop Central 10.0.271 has XSS via the "Features & Articles" search field to the /advsearch.do?SUBREQUEST=XMLHTTP URI.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zohocorp Manageengine Desktop Central | =10.0.271 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2018-16833.
What is the severity level of CVE-2018-16833?
The severity level of CVE-2018-16833 is medium with a score of 6.1.
How can this vulnerability be exploited?
This vulnerability can be exploited via the "Features & Articles" search field to the /advsearch.do?SUBREQUEST=XMLHTTP URI.
What software versions are affected by CVE-2018-16833?
Zoho ManageEngine Desktop Central version 10.0.271 is affected by CVE-2018-16833.
Is there a fix available for this vulnerability?
The recommended fix for this vulnerability is to update Zoho ManageEngine Desktop Central to a version that is not affected by this vulnerability.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/zohocorp
- canonical/zohocorp manageengine desktop central
- version/zohocorp manageengine desktop central/10.0.271