Manageengine » Opmanager : Security Vulnerabilities, CVEs,
Cross Site Scripting (XSS) vulnerability exists in ManageEngine OPManager <=12.5.174 when the API key contains an XML-based XSS payload.
Max CVSS
6.1
EPSS Score
0.07%
Published
2021-09-21
Updated
2021-09-29
Multiple cross-site scripting (XSS) vulnerabilities in jsp/Login.do in ManageEngine OpManager MSP Edition and OpManager 7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) requestid, (2) fileid, (3) woMode, and (2) woID parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
4.3
EPSS Score
0.23%
Published
2007-11-08
Updated
2017-07-29
2 vulnerabilities found