Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2023-28340

Zoho ManageEngine Applications Manager through 16320 allows the admin user to conduct an XXE attack.

  • Published: Apr 11, 2023
  • Updated: Apr 15, 2023
  • CVE: CVE-2023-28340
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
zohocorp / manageengine_applications_manager - 16.3
zohocorp / manageengine_applications_manager 16.3-build16310 16.3-build16310.x
zohocorp / manageengine_applications_manager 16.3-build16320 16.3-build16320.x
zohocorp / manageengine_applications_manager 16.3-build16300 16.3-build16300.x