CVE-2023-38333

Published: Aug 10, 2023
Updated: Aug 16, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-38333" target="_blank" rel="noopener"> CVE-2023-38333
Severity: Medium
Exploit:

Zoho ManageEngine Applications Manager through 16530 allows reflected XSS while logged in.

CVSS v3:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
zohocorp / manageengine_applications_manager	16.5-build16530	16.5-build16530.x
zohocorp / manageengine_applications_manager	16.5-build16520	16.5-build16520.x
zohocorp / manageengine_applications_manager	16.5-build16510	16.5-build16510.x
zohocorp / manageengine_applications_manager	16.5-build16511	16.5-build16511.x
zohocorp / manageengine_applications_manager	16.5-build16500	16.5-build16500.x
zohocorp / manageengine_applications_manager	16.5	16.5.x
zohocorp / manageengine_applications_manager	-	16.5