CVE-2019-12537 — Cross-site Scripting in Manageengine Assetexplorer

Severity

6.1MEDIUMNVD

EPSS

1.6%

top 18.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedJul 11

Latest updateMay 24

Description

An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

GHSA

GHSA-688j-xx4x-ch4h: An issue was discovered in Zoho ManageEngine AssetExplorer↗2022-05-24

▶

CVEList

CVE-2019-12537: An issue was discovered in Zoho ManageEngine AssetExplorer↗2019-07-11

▶