XSS Vulnerability in Zoho ManageEngine ServiceDesk Plus 14: Comment Field in Assets Credentials Change

XSS Vulnerability in Zoho ManageEngine ServiceDesk Plus 14: Comment Field in Assets Credentials Change

CVE-2023-23078 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via the comment field when changing the credentials in the Assets.

Learn more about our Web Application Penetration Testing UK.