Vulnerabilities > Ivanti > Service Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-02-01 CVE-2021-38560 Cross-site Scripting vulnerability in Ivanti Service Manager 2021.1
Ivanti Service Manager 2021.1 allows reflected XSS via the appName parameter associated with ConfigDB calls, such as in RelocateAttachments.aspx.
network
ivanti CWE-79
4.3