CVE-2021-46065

Medium

A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an…

mitre·CWE-79·Published 2022-01-27

CVSS

4.8

EPSS

0.92

KEV

Exploits

cve.orgen

179 chars

A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code.

NVDen

179 chars

A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code.

Una vulnerabilidad de tipo Cross-site scripting (XSS) en el Campo Secondary Email en Zoho ManageEngine ServiceDesk Plus versión 11.3 Build 11306, permite a atacantes inyectar código JavaScript arbitrario

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	3.5	6.8	2.9	AV:N/AC:M/Au:S/C:N/I:P/A:N
3.1	Primary	NVD	4.8	1.7	2.7	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N