CVE-2019-12596

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
6.1MEDIUM
EPSS
1.6%
top 18.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Zohocorp Manageengine Assetexplorer
Timeline
PublishedJul 11
Latest updateMay 24

Description

An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or swComplianceType.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-f26q-xpfw-6vmj: An issue was discovered in Zoho ManageEngine AssetExplorer2022-05-24
CVEList
CVE-2019-12596: An issue was discovered in Zoho ManageEngine AssetExplorer2019-07-11
CVE-2019-12596 (MEDIUM CVSS 6.1) | An issue was discovered in Zoho Man | cvebase.io