CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-12539

An issue was discovered in the Purchase component of Zoho ManageEngine ServiceDesk Plus. There is XSS via the SearchN.do search field, a different vulnerability than CVE-2019-12189.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.059

EPSS Ranking 90.1%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine
https://www.manageengine.com/products/service-desk/readme.html
https://github.com/tarantula-team/Multiple-Cross-Site-Scripting-vulnerabilities-in-Zoho-ManageEngine
https://www.manageengine.com/products/service-desk/readme.html

Products affected by CVE-2019-12539

Zohocorp » Manageengine Servicedesk Plus » Version: 10.5

cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:10.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-12539

Products

Pricing

Contact Us