Security Advisory

CVE-2021-20080

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-09 17:21:07

Last updated 2024-08-03 17:30:07

Assigner tenable

State PUBLISHED

Description

Insufficient output sanitization in ManageEngine ServiceDesk Plus before version 11200 and ManageEngine AssetExplorer before version 6800 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting (XSS) attacks by uploading a crafted XML asset file.

← Browse all CVEs View on cve.org ↗