VYPR

ManageEngine AssetExplorer

by Zoho

CVEs (2)

  • CVE-2018-17596MedOct 2, 2018
    risk 0.40cvss 6.1epss 0.02

    In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was discovered in the 6.2.0 version via the /AssetDef.do ciName or assetName parameter.

  • CVE-2015-2169Jun 24, 2015
    risk 0.04cvss epss 0.08

    Cross-site scripting (XSS) vulnerability in Zoho ManageEngine AssetExplorer 6.1 service pack 6112 allows remote attackers to inject arbitrary web script or HTML via a Publisher registry entry, which is not properly handled when the machine is scanned.