Zoho Corp ManageEngine ServiceDesk Plus 14.3 14304

CPE Details

Zoho Corp ManageEngine ServiceDesk Plus 14.3 14304
zohocorp
manageengine_servicedesk_plus
14.3
2023-07-12
14h10 +00:00
2023-07-12
17h09 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.3:14304:*:*:*:*:*:*

Informations

Vendor

zohocorp

Product

manageengine_servicedesk_plus

Version

14.3

Update

14304

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-50053 2025-03-21 06h01 +00:00 Zohocorp ManageEngine ServiceDesk Plus versions below 14920 , ServiceDesk Plus MSP and SupportCentre Plus versions below 14910 are vulnerable to Stored XSS in the task feature.
6.3
Medium
CVE-2024-41150 2024-08-23 14h08 +00:00 An Stored Cross-site Scripting vulnerability in request module affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions: through 14810; ServiceDesk Plus MSP: through 14800; SupportCenter Plus: through 14800.
6.3
Medium
CVE-2024-38869 2024-08-23 14h07 +00:00 Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability in remote office deploy configurations.This issue affects Endpoint Central: before 11.3.2416.04 and before 11.3.2400.25.
8.3
High
CVE-2019-15045 2019-08-21 16h26 +00:00 AjaxDomainServlet in Zoho ManageEngine ServiceDesk Plus 10 allows User Enumeration. NOTE: the vendor's position is that this is intended functionality
5.3
Medium
CVE-2019-15046 2019-08-14 12h51 +00:00 Zoho ManageEngine ServiceDesk Plus 10 before 10509 allows unauthenticated sensitive information leakage during Fail Over Service (FOS) replication, aka SD-79989.
7.5
High
CVE-2018-5799 2018-03-30 11h00 +00:00 In Zoho ManageEngine ServiceDesk Plus before 9403, an XSS issue allows an attacker to run arbitrary JavaScript via a /api/request/?OPERATION_NAME= URI, aka SD-69139.
6.1
Medium