CVE-2019-12595

Published: Jul 11, 2019
Updated: Apr 13, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2019-12595" target="_blank" rel="noopener"> CVE-2019-12595
Severity: Medium
Exploit:

An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the RCSettings.do rdsName parameter.

CVSS v3:

CVSS v2:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
zohocorp / manageengine_assetexplorer	6.5	6.5.x
zohocorp / manageengine_assetexplorer	6.5-6500	6.5-6500.x
zohocorp / manageengine_assetexplorer	6.5-6501	6.5-6501.x
zohocorp / manageengine_assetexplorer	6.5-6502	6.5-6502.x
zohocorp / manageengine_assetexplorer	6.5-6503	6.5-6503.x
zohocorp / manageengine_assetexplorer	6.5-6504	6.5-6504.x