Unrated severityNVD Advisory· Published Feb 2, 2015· Updated Jun 17, 2026
CVE-2015-0866
CVE-2015-0866
Description
Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.9 before hotfix 7941 allow remote attackers to inject arbitrary web script or HTML via the (1) fromCustomer, (2) username, or (3) password parameter to HomePage.do.
Affected products
2- cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:*:*:*:*:*:*:*:*Range: <=7.9
- Range: = 7.9 before hotfix 7941
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.