CVE-2025-7473

CWE-913 documents3 sources
Severity
5.3MEDIUM
EPSS
0.0%
top 92.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Zohocorp Endpoint CentralZohocorp Manageengine Endpoint Central
Timeline
PublishedOct 21

Description

Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML Injection.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:LExploitability: 2.0 | Impact: 2.7

Affected Packages2 packages

CVEListV5zohocorp/endpoint_central11.4.2516.1

🔴Vulnerability Details

2
GHSA
GHSA-4x28-f32q-r2qv: Zohocorp ManageEngine EndPoint Central versions 112025-10-21
CVEList
XML Injection2025-10-21