First published: Wed Apr 26 2023(Updated: )
Zoho ManageEngine Applications Manager before 16400 allows proxy.html DOM XSS.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zohocorp ManageEngine Applications Manager | <16.3 | |
Zohocorp ManageEngine Applications Manager | =16.3-build16300 | |
Zohocorp ManageEngine Applications Manager | =16.3-build16310 | |
Zohocorp ManageEngine Applications Manager | =16.3-build16320 | |
Zohocorp ManageEngine Applications Manager | =16.3-build16330 | |
Zohocorp ManageEngine Applications Manager | =16.3-build16340 | |
Zohocorp ManageEngine Applications Manager | =16.3-build16350 | |
Zohocorp ManageEngine Applications Manager | =16.3-build16360 | |
Zohocorp ManageEngine Applications Manager | =16.3-build16361 | |
Zohocorp ManageEngine Applications Manager | =16.3-build16370 | |
Zohocorp ManageEngine Applications Manager | =16.3-build16380 | |
Zohocorp ManageEngine Applications Manager | =16.3-build16390 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2023-29442.
The severity of CVE-2023-29442 is medium with a CVSS score of 6.1.
The affected software for CVE-2023-29442 is Zoho ManageEngine Applications Manager before version 16.4.
The CWE category for CVE-2023-29442 is CWE-79 (Cross-site Scripting).
You can find more information about CVE-2023-29442 at the following link: [CVE-2023-29442](https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2023-29442.html)