First published: Thu Aug 10 2023(Updated: )
Zoho ManageEngine Applications Manager through 16530 allows reflected XSS while logged in.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zohocorp ManageEngine Applications Manager | <16.5 | |
Zohocorp ManageEngine Applications Manager | =16.5 | |
Zohocorp ManageEngine Applications Manager | =16.5-build16500 | |
Zohocorp ManageEngine Applications Manager | =16.5-build16510 | |
Zohocorp ManageEngine Applications Manager | =16.5-build16511 | |
Zohocorp ManageEngine Applications Manager | =16.5-build16520 | |
Zohocorp ManageEngine Applications Manager | =16.5-build16530 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-38333 is a vulnerability in Zoho ManageEngine Applications Manager that allows for reflected XSS attacks while logged in.
The severity of CVE-2023-38333 is medium, with a CVSS score of 6.1.
CVE-2023-38333 affects Zoho ManageEngine Applications Manager versions prior to 16.5-build16530.
To fix CVE-2023-38333 in Zoho ManageEngine Applications Manager, upgrade to version 16.5-build16530 or later.
Yes, security updates for CVE-2023-38333 are available. Please refer to the following link for more information: [link]https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2023-38333.html[endlink]