CVE-2018-16965 – In Zoho ManageEngine SupportCenter Plus 8.1.0, there is HTML Injection and Stored XSS via …

0

Vuln ID: CVE-2018-16965

Published:  2018-09-21  17:29:06Z

Description: In Zoho ManageEngine SupportCenter Plus 8.1.0, there is HTML Injection and Stored XSS via the /ServiceContractDef.do contractName parameter.

Source: NVD.NIST.GOV