ManageEngine_DesktopCentral.exe in Zoho ManageEngine Desktop Central 10 allows HTML injection on the user administration page via the description of a role.
References
Link | Resource |
---|---|
https://www.esecforte.com/responsible-vulnerability-disclosure-cve-2019-15510-manageengine-desktopcentral-v-10-vulnerable-to-html-injection/ | Exploit Third Party Advisory |
https://www.manageengine.com/products/desktop-central/html-injection.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-03-23T13:03:12
Updated: 2020-03-31T11:42:06
Reserved: 2019-08-23T00:00:00
Link: CVE-2019-15510
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-03-23T14:15:12.987
Modified: 2023-02-03T19:25:06.577
Link: CVE-2019-15510
JSON object: View
Redhat Information
No data.
CWE