Podatność CVE-2018-9163

Podatność CVE-2018-9163

Publikacja: 2018-04-02

Opis:

Typ:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
3.5/10	2.9/10	6.8/10

Affected software
Zohocorp -> Manageengine recovery manager plus

http://www.securityfocus.com/bid/103773

https://gurelahmet.com/cve-2018-9163-zoho-manageengine-recovery-manager-plus-5-3-build-5330-stored-cross-site-scripting-xss-vulnerability/

https://www.exploit-db.com/exploits/44666/

https://www.manageengine.com/ad-recovery-manager/release-notes.html#5350