Vulnerabilities > Zohocorp > Manageengine Adselfservice Plus

DATE CVE VULNERABILITY TITLE RISK
2019-01-03 CVE-2018-20664 XXE vulnerability in Zohocorp Manageengine Adselfservice Plus 5.7
Zoho ManageEngine ADSelfService Plus 5.x before build 5701 has XXE via an uploaded product license.
network
low complexity
zohocorp CWE-611
critical
 9.8
9.8
2018-12-26 CVE-2018-20485 Cross-site Scripting vulnerability in Zohocorp Manageengine Adselfservice Plus
Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the employee search feature.
network
low complexity
zohocorp CWE-79
6.1
6.1
2018-12-26 CVE-2018-20484 Cross-site Scripting vulnerability in Zohocorp Manageengine Adselfservice Plus 5.7
Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation.
network
low complexity
zohocorp CWE-79
6.1
6.1