CVE-2024-38870 | Zoho ManageEngine OpManager 128237/128249/up to 128103 Reports cross site scripting

Inserito da Angelo Barbosa | Lug 17, 2024 | CVE

A vulnerability was found in Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP and OpManager Enterprise Edition up to 128103/128237/128249. It has been declared as problematic. This vulnerability affects unknown code of the component Reports. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-38870. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-38870 | Zoho ManageEngine OpManager 128237/128249/up to 128103 Reports cross site scripting

Post correlati

CVE-2024-26367 | Evertz MViP-II Firmware Login Parameter cross site scripting

CVE-2024-26146 | rubygem-rack Header Parser denial of service

CVE-2024-42482 | fish-shop syntax-check up to 1.6.11 Workflow delimiters

CVE-2024-0882 | qwdigital LinkWechat 5.1.0 Universal Download Interface resource name path traversal