Stored XSS Vulnerability in Zoho ManageEngine Applications Manager Allows Injection of Malicious JavaScript on Incorrect Login Details Page

Stored XSS Vulnerability in Zoho ManageEngine Applications Manager Allows Injection of Malicious JavaScript on Incorrect Login Details Page

CVE-2023-28341 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Stored Cross site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager through 16340 allows an unauthenticated user to inject malicious javascript on the incorrect login details page.

Learn more about our User Device Pen Test.