Unrated severityNVD Advisory· Published Apr 9, 2021· Updated Aug 3, 2024
CVE-2021-20080
CVE-2021-20080
Description
Insufficient output sanitization in ManageEngine ServiceDesk Plus before version 11200 and ManageEngine AssetExplorer before version 6800 allows a remote, unauthenticated attacker to conduct persistent cross-site scripting (XSS) attacks by uploading a crafted XML asset file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <11200
- Range: <6800
- Range: Before 6800
Patches
Vulnerability mechanics
References
1- www.tenable.com/security/research/tra-2021-11mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.