CVE-2019-12538: XSS
First published: Wed Jun 05 2019(Updated: )
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SiteLookup.do search field.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zohocorp Manageengine Servicedesk Plus | =9.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-12538?
CVE-2019-12538 is a vulnerability discovered in Zoho ManageEngine ServiceDesk Plus 9.3 that allows for XSS attacks via the SiteLookup.do search field.
How severe is CVE-2019-12538?
CVE-2019-12538 has a severity rating of medium with a CVSS score of 6.1.
How does CVE-2019-12538 affect Zoho ManageEngine ServiceDesk Plus?
CVE-2019-12538 affects Zoho ManageEngine ServiceDesk Plus version 9.3.
What is the Common Vulnerabilities and Exposures (CVE) identifier for this vulnerability?
The Common Vulnerabilities and Exposures (CVE) identifier for this vulnerability is CVE-2019-12538.
Is there a fix available for CVE-2019-12538?
To fix CVE-2019-12538, upgrade Zoho ManageEngine ServiceDesk Plus to a version higher than 9.3.
- collector/nvd-index
- agent/weakness
- agent/tags
- agent/type
- agent/event
- agent/references
- agent/author
- agent/description
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/zohocorp
- canonical/zohocorp manageengine servicedesk plus
- version/zohocorp manageengine servicedesk plus/9.3