Vulnerabilities > Zohocorp > Manageengine Supportcenter Plus > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-30 | CVE-2021-43294 | Cross-site Scripting vulnerability in Zohocorp Manageengine Supportcenter Plus 11.0 Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to Reflected XSS in the Products module. | 6.1 |
| 2021-11-30 | CVE-2021-43295 | Cross-site Scripting vulnerability in Zohocorp Manageengine Supportcenter Plus 11.0 Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to Reflected XSS in the Accounts module. | 6.1 |
| 2018-09-21 | CVE-2018-16965 | Cross-site Scripting vulnerability in Zohocorp Manageengine Supportcenter Plus 7.9/7.90/8.0 In Zoho ManageEngine SupportCenter Plus before 8.1 Build 8109, there is HTML Injection and Stored XSS via the /ServiceContractDef.do contractName parameter. | 6.1 |