Security Advisory

CVE-2019-12252

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-05-21 17:24:18

Last updated 2024-08-04 23:17:38

Assigner mitre

State PUBLISHED

Description

In Zoho ManageEngine ServiceDesk Plus through 10.5, users with the lowest privileges (guest) can view an arbitrary post by appending its number to the SDNotify.do?notifyModule=Solution&mode=E-Mail&notifyTo=SOLFORWARD&id= substring.

← Browse all CVEs View on cve.org ↗