Vulnerabilities > Zohocorp > Manageengine Applications Manager > 15.2

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-10	CVE-2023-38333	Cross-site Scripting vulnerability in Zohocorp Manageengine Applications Manager Zoho ManageEngine Applications Manager through 16530 allows reflected XSS while logged in. network low complexity zohocorp CWE-79	6.1
2023-04-26	CVE-2023-29442	Cross-site Scripting vulnerability in Zohocorp Manageengine Applications Manager Zoho ManageEngine Applications Manager before 16400 allows proxy.html DOM XSS. network low complexity zohocorp CWE-79	6.1
2022-05-24	CVE-2022-23050	Uncontrolled Search Path Element vulnerability in Zohocorp Manageengine Applications Manager ManageEngine AppManager15 (Build No:15510) allows an authenticated admin user to upload a DLL file to perform a DLL hijack attack inside the 'working' folder through the 'Upload Files / Binaries' functionality. network low complexity zohocorp CWE-427	7.2
2021-10-21	CVE-2021-35512	Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Applications Manager 15.2 An SSRF issue was discovered in Zoho ManageEngine Applications Manager build 15200. network low complexity zohocorp CWE-918	6.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.