CVE-2021-46065

Medium

A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an…

mitre·CWE-79·Published 2022-01-27

CVSS

4.8

EPSS

0.92

KEV

Exploits

cve.orgen

179 chars

A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code.

NVDen

179 chars

A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code.

NVDes

203 chars

Una vulnerabilidad de tipo Cross-site scripting (XSS) en el Campo Secondary Email en Zoho ManageEngine ServiceDesk Plus versión 11.3 Build 11306, permite a atacantes inyectar código JavaScript arbitrario

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	3.5	6.8	2.9	AV:N/AC:M/Au:S/C:N/I:P/A:N
3.1	Primary	NVD	4.8	1.7	2.7	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N