Vulnerabilities > Zohocorp > Manageengine Servicedesk Plus MSP > 14.5

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-23	CVE-2024-38869	Cross-site Scripting vulnerability in Zohocorp products Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability in remote office deploy configurations.This issue affects Endpoint Central: before 11.3.2416.04 and before 11.3.2400.25. network low complexity zohocorp CWE-79	5.4
2024-08-23	CVE-2024-41150	Cross-site Scripting vulnerability in Zohocorp products An Stored Cross-site Scripting vulnerability in request module affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions: through 14810; ServiceDesk Plus MSP: through 14800; SupportCenter Plus: through 14800. network low complexity zohocorp CWE-79	6.1
2024-01-18	CVE-2023-49943	Cross-site Scripting vulnerability in Zohocorp Manageengine Servicedesk Plus MSP Zoho ManageEngine ServiceDesk Plus MSP before 14504 allows stored XSS (by a low-privileged technician) via a task's name in a time sheet. network low complexity zohocorp CWE-79	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.