Vulnerabilities > Zohocorp > Manageengine Applications Manager > 15.0

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-10	CVE-2023-38333	Cross-site Scripting vulnerability in Zohocorp Manageengine Applications Manager Zoho ManageEngine Applications Manager through 16530 allows reflected XSS while logged in. network low complexity zohocorp CWE-79	6.1
2023-04-26	CVE-2023-29442	Cross-site Scripting vulnerability in Zohocorp Manageengine Applications Manager Zoho ManageEngine Applications Manager before 16400 allows proxy.html DOM XSS. network low complexity zohocorp CWE-79	6.1
2022-05-24	CVE-2022-23050	Uncontrolled Search Path Element vulnerability in Zohocorp Manageengine Applications Manager ManageEngine AppManager15 (Build No:15510) allows an authenticated admin user to upload a DLL file to perform a DLL hijack attack inside the 'working' folder through the 'Upload Files / Binaries' functionality. network low complexity zohocorp CWE-427	7.2
2021-07-01	CVE-2021-31813	Cross-site Scripting vulnerability in Zohocorp Manageengine Applications Manager Zoho ManageEngine Applications Manager before 15130 is vulnerable to Stored XSS while importing malicious user details (e.g., a crafted user name) from AD. network zohocorp CWE-79	3.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.