CVE-2024-27313

CWE-79Cross-site Scripting (XSS)2 documents2 sources
Severity
4.6MEDIUM
EPSS
1.0%
top 23.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Manageengine Pam360Zohocorp Manageengine Pam360
Timeline
PublishedMay 29

Description

Zoho ManageEngine PAM360 is vulnerable to Stored XSS vulnerability. This vulnerability is applicable only in the version 6610.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:NExploitability: 2.1 | Impact: 4.2

Affected Packages2 packages

CVEListV5manageengine/pam36066106611

🔴Vulnerability Details

1
CVEList
XSS Vulnerability2024-05-29
CVE-2024-27313 (MEDIUM CVSS 4.6) | Zoho ManageEngine PAM360 is vulnera | cvebase.io