CVE-2018-16965

In Zoho ManageEngine SupportCenter Plus before 8.1 Build 8109, there is HTML Injection and Stored XSS via the /ServiceContractDef.do contractName parameter.
Configurations

Configuration 1

cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:*:*:*:*:*:*:*:*

Information

Published : 2018-09-21 05:29

Updated : 2018-11-09 05:52


NVD link : CVE-2018-16965

Mitre link : CVE-2018-16965

Products Affected
No products.
CWE