CVE-2019-15510: XSS
First published: Mon Mar 23 2020(Updated: )
ManageEngine_DesktopCentral.exe in Zoho ManageEngine Desktop Central 10 allows HTML injection on the user administration page via the description of a role.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zohocorp Manageengine Desktop Central | =10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-15510?
CVE-2019-15510 is a vulnerability that allows HTML injection on the user administration page in Zoho ManageEngine Desktop Central 10.
What is the severity of CVE-2019-15510?
CVE-2019-15510 has a severity rating of medium with a CVSS score of 6.1.
How does CVE-2019-15510 affect Zoho ManageEngine Desktop Central?
CVE-2019-15510 allows HTML injection via the description of a role on the user administration page in Zoho ManageEngine Desktop Central 10.
What is the fix for CVE-2019-15510?
To fix CVE-2019-15510, update Zoho ManageEngine Desktop Central to a version that is not affected by the vulnerability.
Where can I find more information about CVE-2019-15510?
You can find more information about CVE-2019-15510 on the following websites: [link1](https://www.esecforte.com/responsible-vulnerability-disclosure-cve-2019-15510-manageengine-desktopcentral-v-10-vulnerable-to-html-injection/) and [link2](https://www.manageengine.com/products/desktop-central/html-injection.html).
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/zohocorp
- canonical/zohocorp manageengine desktop central
- version/zohocorp manageengine desktop central/10.0