CVE-2018-16965 – In Zoho ManageEngine SupportCenter Plus before 8.1 Build 8109, there is HTML Injection and …

0

Vuln ID: CVE-2018-16965 (manageengine_supportcenter_plus)

Published:  2018-09-21  17:29:06Z

Description: In Zoho ManageEngine SupportCenter Plus before 8.1 Build 8109, there is HTML Injection and Stored XSS via the /ServiceContractDef.do contractName parameter.

Source: NVD.NIST.GOV