cvelistv5 - cve-2018-20484

CVE-2018-20484 (GCVE-0-2018-20484)

Vulnerability from cvelistv5

Published

2018-12-26 18:00

Modified

2024-08-05 12:05

Severity ?

CWE

Summary

Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation.

References

►

URL

Tags

cve@mitre.org	http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html
cve@mitre.org	https://www.manageengine.com/products/self-service-password/release-notes.html	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html
af854a3a-2127-422b-91ae-364da2661108	https://www.manageengine.com/products/self-service-password/release-notes.html	Release Notes, Vendor Advisory

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T12:05:16.887Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.manageengine.com/products/self-service-password/release-notes.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-12-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-10T17:06:03",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.manageengine.com/products/self-service-password/release-notes.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-20484",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.manageengine.com/products/self-service-password/release-notes.html",
              "refsource": "MISC",
              "url": "https://www.manageengine.com/products/self-service-password/release-notes.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-20484",
    "datePublished": "2018-12-26T18:00:00",
    "dateReserved": "2018-12-26T00:00:00",
    "dateUpdated": "2024-08-05T12:05:16.887Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-20484\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-12-26T18:29:00.543\",\"lastModified\":\"2024-11-21T04:01:34.643\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation.\"},{\"lang\":\"es\",\"value\":\"Zoho ManageEngine ADSelfService Plus, en versiones 5.7 anteriores a la build 5702, tiene Cross-Site Scripting (XSS) en la implementaci\u00f3n del dise\u00f1o de autoactualizaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:4500:*:*:*:*:*:*\",\"matchCriteriaId\":\"796A4512-DC6E-42A1-9A57-D4F446A9BC34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5032:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C202C90-B792-4E0C-B7A9-C06FDB7C30DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5040:*:*:*:*:*:*\",\"matchCriteriaId\":\"42F19FC5-6C75-458A-9B90-376D0D1B0C59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5041:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DC23258-D431-40C0-9853-E08D36A225FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5100:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8AF9E70-E4F7-4BB1-9D49-33633AB9CE82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5101:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1174A0E-EFA2-4FAA-B42A-A0D4FAAD592D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5102:*:*:*:*:*:*\",\"matchCriteriaId\":\"A99912DA-82E6-4FD6-8916-635637941335\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5103:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC5FA48C-6B99-4B80-9256-694BD4174557\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5104:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D860882-A106-4771-87DF-9ADE482F41DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5105:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DD127BF-200A-45F5-9357-5024C76E7B12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5106:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D2143C4-D4A0-4AE5-86D2-D3DEFD27C9E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5107:*:*:*:*:*:*\",\"matchCriteriaId\":\"1745145D-493D-4181-B011-46490BBF5A7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5108:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A9605CA-8368-47D1-964A-684E099212D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5109:*:*:*:*:*:*\",\"matchCriteriaId\":\"109303F0-F6C6-4BC7-9011-BAAD6B1D043E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5110:*:*:*:*:*:*\",\"matchCriteriaId\":\"39BC2BEF-89B7-48F0-BAFC-26B1DE0E7EB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5111:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA12CCBE-5C43-4FF8-A9A5-63B91AA14C2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5112:*:*:*:*:*:*\",\"matchCriteriaId\":\"270B44CA-F153-4EF8-8E0B-276E80C8ADB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5113:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EC9A6C6-3D3E-411F-89EF-CAFCF66D8222\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5114:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD55F212-950A-4421-9C73-80287647719F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5115:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E19A98-DF1A-44B0-AB69-6822F9110FE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5116:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AA56B14-E4B5-4373-81F3-ECFD30DC897B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5200:*:*:*:*:*:*\",\"matchCriteriaId\":\"77F2C9F3-67ED-4337-9EC8-A164ADCBFB5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5201:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE73451C-7289-4832-84A7-1A9D8CFE5EF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5202:*:*:*:*:*:*\",\"matchCriteriaId\":\"74AB64C4-625A-4369-8F16-3145B85A5DB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5203:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C8E8A1A-AA00-48AC-BB5F-59DA174A4F71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5204:*:*:*:*:*:*\",\"matchCriteriaId\":\"797C805C-68D4-4B5A-8AD8-C2036692C616\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5205:*:*:*:*:*:*\",\"matchCriteriaId\":\"50D245E8-5719-41B6-95C0-A2CACE88676D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5206:*:*:*:*:*:*\",\"matchCriteriaId\":\"809A4666-41E7-48B8-A9FA-A24A71EC5A1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5207:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BEADFCD-8A32-4D59-908A-37E9E3A52E49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5300:*:*:*:*:*:*\",\"matchCriteriaId\":\"28409900-B268-437E-B474-1CDF7C654161\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5301:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4A44B27-87F1-47F2-8596-663C63F4C1DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5302:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ACD689D-709B-471F-9C86-66E22E91DBCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5303:*:*:*:*:*:*\",\"matchCriteriaId\":\"749731D7-2431-4DBC-9E76-4BFB8F8C57C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5304:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B0B3278-EE00-40F5-8372-9AFA6F44B765\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5305:*:*:*:*:*:*\",\"matchCriteriaId\":\"916DEBE1-C3AB-415B-9463-1A4253F609C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5306:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CFBBCCD-7625-4C73-AFCA-924DFAC48BC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5307:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA24BDA1-675D-45E2-A0F8-041CC6DF1D39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5308:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE4EA03B-33D0-4057-A80C-4AF69D22FF38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5309:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BA96538-C2F8-42C2-AF49-55B7D216B17B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5310:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9227C12-AFD7-4481-8495-998F9AB4E668\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5311:*:*:*:*:*:*\",\"matchCriteriaId\":\"17755902-5421-45C1-8952-70771E8C79A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5312:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA16BF41-2F02-422A-A92F-40EA8BF7A75F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5313:*:*:*:*:*:*\",\"matchCriteriaId\":\"54C11E83-F0BA-4C47-875E-7CFEC447728E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5314:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDF73A07-905D-4F26-848B-84C3A9F1630C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5315:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EE92704-67CE-4D3A-97D1-BEAB1CFFC70C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5316:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABFB14B0-F81C-4C7A-B1EF-EF8C4D779576\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5317:*:*:*:*:*:*\",\"matchCriteriaId\":\"219F3924-899B-4D14-90FF-E1F8B8A6B5F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5318:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C222551-E231-43E3-98BD-773FDB68D589\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5319:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAD582DE-6811-4D78-899C-933D1D409EF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5320:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D7BF363-19F5-4655-9A8C-AFF535AF0558\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5321:*:*:*:*:*:*\",\"matchCriteriaId\":\"962CABE0-C8AF-4C2F-81D7-12D232C390F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5322:*:*:*:*:*:*\",\"matchCriteriaId\":\"613D8FD3-7086-4E59-A012-884A094BAD6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5323:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D14A1B5-95A8-4F62-B06A-8BA4641CC35E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5324:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3C27B95-B5AB-4BBD-9701-85560CC020CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5325:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B46B8A8-2C90-44C8-A5C9-186593D0A556\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5326:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CA0E58E-2535-422A-AF35-3EF017792570\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5327:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CC89F07-DD8C-4DD9-BE80-D9DA689A4D19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5328:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD53F8D8-34A0-46F0-9AC9-EF088B4C9AB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5329:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9B6BA8A-8709-4E8E-A42E-85B0E99818E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5330:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0F00049-CA99-4A6B-B347-78768BF19DB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5400:*:*:*:*:*:*\",\"matchCriteriaId\":\"30A10B00-E8DD-445D-AFC3-DC7DAF42724F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5500:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBEEB6C7-764D-4012-9656-FC76F43A53EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5501:*:*:*:*:*:*\",\"matchCriteriaId\":\"86F5057B-4DFA-43A0-B604-9CACEEE926E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5502:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EF382C0-392B-4DA9-AFA2-3CD933615E4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5503:*:*:*:*:*:*\",\"matchCriteriaId\":\"78019D71-4598-4095-AAF4-13DCD93F842F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5504:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C6F69D0-1595-42E9-B812-63C133965E16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5505:*:*:*:*:*:*\",\"matchCriteriaId\":\"30D743E2-FE10-43BB-9514-4581F33F2C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5506:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4639A68-BAA3-4669-B2F1-AD381A25464D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5507:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF69BD50-A3B7-4C9C-83ED-088EBB977F0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5508:*:*:*:*:*:*\",\"matchCriteriaId\":\"0313F401-85DC-4DF0-AEAD-A8D6885902CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5509:*:*:*:*:*:*\",\"matchCriteriaId\":\"924F6A44-0E30-46A9-990E-DA44AA61C012\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5510:*:*:*:*:*:*\",\"matchCriteriaId\":\"C514F02D-DB00-4B05-A53C-A13310FE9E4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5511:*:*:*:*:*:*\",\"matchCriteriaId\":\"D013876C-9433-4576-84B5-464649CC8199\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5512:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DFA286F-0C4E-4C56-8FFB-15481594FE42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5513:*:*:*:*:*:*\",\"matchCriteriaId\":\"D86056BB-3CF4-4C8A-B685-1E88E25429F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5514:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDE0C598-57A7-4EEF-A98C-44B871955BC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5515:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6F752FD-8B2C-4636-B7DD-343D2DEDE7F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5516:*:*:*:*:*:*\",\"matchCriteriaId\":\"B435C1CA-2DD6-4DC7-B7B1-9B232EA5CFC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5517:*:*:*:*:*:*\",\"matchCriteriaId\":\"48A77EA0-C382-4A81-9EE3-48F7AC8AFEA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5518:*:*:*:*:*:*\",\"matchCriteriaId\":\"48907141-7B99-4D1A-955D-7E98B46E5A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5519:*:*:*:*:*:*\",\"matchCriteriaId\":\"C894A206-F09A-4D6A-9675-618CD8FEFD08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5520:*:*:*:*:*:*\",\"matchCriteriaId\":\"52028275-3CFA-4AB0-8013-018FF88C11B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5521:*:*:*:*:*:*\",\"matchCriteriaId\":\"2864B47E-79C8-4FE4-97E5-3C85C926CA21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5600:*:*:*:*:*:*\",\"matchCriteriaId\":\"627B72C4-8311-414D-AA55-EC5F71794F58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5601:*:*:*:*:*:*\",\"matchCriteriaId\":\"74839837-94FC-4A6F-8DE2-358A7AD28D28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5602:*:*:*:*:*:*\",\"matchCriteriaId\":\"66B9BB15-FA78-4C05-8670-610DD790FF75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5603:*:*:*:*:*:*\",\"matchCriteriaId\":\"166217A8-C306-4C79-A33F-D45032F2D1E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5604:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFC0E47A-8807-441D-BEFA-1E9A71EDA7C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5605:*:*:*:*:*:*\",\"matchCriteriaId\":\"06395B41-9538-42FF-8ADB-E750F5C5B2C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5606:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DF7379A-F56E-4A2D-8099-2C0E72B8ACA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5700:*:*:*:*:*:*\",\"matchCriteriaId\":\"76008ABA-2A6F-4EF9-B9F4-3CA996C1C5DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5701:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C9E0FFE-2C4E-4157-B6CB-D547DE62E8E4\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.manageengine.com/products/self-service-password/release-notes.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.manageengine.com/products/self-service-password/release-notes.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}"
  }
}

gsd-2018-20484

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation.

Aliases

CVE-2018-20484

Aliases

CVE-2018-20484

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-20484",
    "description": "Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation.",
    "id": "GSD-2018-20484",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2018-20484"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-20484"
      ],
      "details": "Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation.",
      "id": "GSD-2018-20484",
      "modified": "2023-12-13T01:22:28.842306Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2018-20484",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.manageengine.com/products/self-service-password/release-notes.html",
            "refsource": "MISC",
            "url": "https://www.manageengine.com/products/self-service-password/release-notes.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5603:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5602:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5516:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5515:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5508:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5507:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5500:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5400:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5323:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5605:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5604:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5519:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5518:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5517:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5510:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5509:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5502:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5501:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5325:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5324:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5317:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5316:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5309:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5308:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5300:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5207:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5200:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5116:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5109:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5108:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5100:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5041:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5700:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5606:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5521:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5520:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5512:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5511:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5504:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5503:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5328:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5327:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5326:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5319:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5318:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5311:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5310:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5302:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5301:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5202:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5201:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5111:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5110:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5102:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5101:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5322:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5315:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5314:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5307:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5306:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5206:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5205:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5115:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5114:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5107:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5106:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5040:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5032:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5701:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5601:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5600:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5514:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5513:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5506:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5505:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5330:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5329:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5321:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5320:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5313:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5312:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5305:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5304:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5303:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5204:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5203:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5113:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5112:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5105:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5104:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5103:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:4500:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-20484"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.manageengine.com/products/self-service-password/release-notes.html",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Vendor Advisory"
              ],
              "url": "https://www.manageengine.com/products/self-service-password/release-notes.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2019-05-10T18:29Z",
      "publishedDate": "2018-12-26T18:29Z"
    }
  }
}

ghsa-4542-x8v2-hf3g

Vulnerability from github

Published

2022-05-14 01:04

Modified

2022-05-14 01:04

Severity ?

6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-20484"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-12-26T18:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation.",
  "id": "GHSA-4542-x8v2-hf3g",
  "modified": "2022-05-14T01:04:20Z",
  "published": "2022-05-14T01:04:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20484"
    },
    {
      "type": "WEB",
      "url": "https://www.manageengine.com/products/self-service-password/release-notes.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

fkie_cve-2018-20484

Vulnerability from fkie_nvd

Published

2018-12-26 18:29

Modified

2024-11-21 04:01

Severity ?

6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation.

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html
cve@mitre.org	https://www.manageengine.com/products/self-service-password/release-notes.html	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html
af854a3a-2127-422b-91ae-364da2661108	https://www.manageengine.com/products/self-service-password/release-notes.html	Release Notes, Vendor Advisory

Impacted products

Vendor	Product	Version
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7
zohocorp	manageengine_adselfservice_plus	5.7

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:4500:*:*:*:*:*:*",
              "matchCriteriaId": "796A4512-DC6E-42A1-9A57-D4F446A9BC34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5032:*:*:*:*:*:*",
              "matchCriteriaId": "4C202C90-B792-4E0C-B7A9-C06FDB7C30DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5040:*:*:*:*:*:*",
              "matchCriteriaId": "42F19FC5-6C75-458A-9B90-376D0D1B0C59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5041:*:*:*:*:*:*",
              "matchCriteriaId": "6DC23258-D431-40C0-9853-E08D36A225FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5100:*:*:*:*:*:*",
              "matchCriteriaId": "D8AF9E70-E4F7-4BB1-9D49-33633AB9CE82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5101:*:*:*:*:*:*",
              "matchCriteriaId": "D1174A0E-EFA2-4FAA-B42A-A0D4FAAD592D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5102:*:*:*:*:*:*",
              "matchCriteriaId": "A99912DA-82E6-4FD6-8916-635637941335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5103:*:*:*:*:*:*",
              "matchCriteriaId": "FC5FA48C-6B99-4B80-9256-694BD4174557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5104:*:*:*:*:*:*",
              "matchCriteriaId": "6D860882-A106-4771-87DF-9ADE482F41DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5105:*:*:*:*:*:*",
              "matchCriteriaId": "0DD127BF-200A-45F5-9357-5024C76E7B12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5106:*:*:*:*:*:*",
              "matchCriteriaId": "8D2143C4-D4A0-4AE5-86D2-D3DEFD27C9E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5107:*:*:*:*:*:*",
              "matchCriteriaId": "1745145D-493D-4181-B011-46490BBF5A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5108:*:*:*:*:*:*",
              "matchCriteriaId": "8A9605CA-8368-47D1-964A-684E099212D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5109:*:*:*:*:*:*",
              "matchCriteriaId": "109303F0-F6C6-4BC7-9011-BAAD6B1D043E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5110:*:*:*:*:*:*",
              "matchCriteriaId": "39BC2BEF-89B7-48F0-BAFC-26B1DE0E7EB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5111:*:*:*:*:*:*",
              "matchCriteriaId": "BA12CCBE-5C43-4FF8-A9A5-63B91AA14C2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5112:*:*:*:*:*:*",
              "matchCriteriaId": "270B44CA-F153-4EF8-8E0B-276E80C8ADB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5113:*:*:*:*:*:*",
              "matchCriteriaId": "6EC9A6C6-3D3E-411F-89EF-CAFCF66D8222",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5114:*:*:*:*:*:*",
              "matchCriteriaId": "CD55F212-950A-4421-9C73-80287647719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5115:*:*:*:*:*:*",
              "matchCriteriaId": "61E19A98-DF1A-44B0-AB69-6822F9110FE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5116:*:*:*:*:*:*",
              "matchCriteriaId": "7AA56B14-E4B5-4373-81F3-ECFD30DC897B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5200:*:*:*:*:*:*",
              "matchCriteriaId": "77F2C9F3-67ED-4337-9EC8-A164ADCBFB5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5201:*:*:*:*:*:*",
              "matchCriteriaId": "DE73451C-7289-4832-84A7-1A9D8CFE5EF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5202:*:*:*:*:*:*",
              "matchCriteriaId": "74AB64C4-625A-4369-8F16-3145B85A5DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5203:*:*:*:*:*:*",
              "matchCriteriaId": "5C8E8A1A-AA00-48AC-BB5F-59DA174A4F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5204:*:*:*:*:*:*",
              "matchCriteriaId": "797C805C-68D4-4B5A-8AD8-C2036692C616",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5205:*:*:*:*:*:*",
              "matchCriteriaId": "50D245E8-5719-41B6-95C0-A2CACE88676D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5206:*:*:*:*:*:*",
              "matchCriteriaId": "809A4666-41E7-48B8-A9FA-A24A71EC5A1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5207:*:*:*:*:*:*",
              "matchCriteriaId": "6BEADFCD-8A32-4D59-908A-37E9E3A52E49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5300:*:*:*:*:*:*",
              "matchCriteriaId": "28409900-B268-437E-B474-1CDF7C654161",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5301:*:*:*:*:*:*",
              "matchCriteriaId": "E4A44B27-87F1-47F2-8596-663C63F4C1DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5302:*:*:*:*:*:*",
              "matchCriteriaId": "7ACD689D-709B-471F-9C86-66E22E91DBCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5303:*:*:*:*:*:*",
              "matchCriteriaId": "749731D7-2431-4DBC-9E76-4BFB8F8C57C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5304:*:*:*:*:*:*",
              "matchCriteriaId": "5B0B3278-EE00-40F5-8372-9AFA6F44B765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5305:*:*:*:*:*:*",
              "matchCriteriaId": "916DEBE1-C3AB-415B-9463-1A4253F609C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5306:*:*:*:*:*:*",
              "matchCriteriaId": "5CFBBCCD-7625-4C73-AFCA-924DFAC48BC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5307:*:*:*:*:*:*",
              "matchCriteriaId": "FA24BDA1-675D-45E2-A0F8-041CC6DF1D39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5308:*:*:*:*:*:*",
              "matchCriteriaId": "CE4EA03B-33D0-4057-A80C-4AF69D22FF38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5309:*:*:*:*:*:*",
              "matchCriteriaId": "0BA96538-C2F8-42C2-AF49-55B7D216B17B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5310:*:*:*:*:*:*",
              "matchCriteriaId": "D9227C12-AFD7-4481-8495-998F9AB4E668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5311:*:*:*:*:*:*",
              "matchCriteriaId": "17755902-5421-45C1-8952-70771E8C79A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5312:*:*:*:*:*:*",
              "matchCriteriaId": "CA16BF41-2F02-422A-A92F-40EA8BF7A75F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5313:*:*:*:*:*:*",
              "matchCriteriaId": "54C11E83-F0BA-4C47-875E-7CFEC447728E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5314:*:*:*:*:*:*",
              "matchCriteriaId": "DDF73A07-905D-4F26-848B-84C3A9F1630C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5315:*:*:*:*:*:*",
              "matchCriteriaId": "5EE92704-67CE-4D3A-97D1-BEAB1CFFC70C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5316:*:*:*:*:*:*",
              "matchCriteriaId": "ABFB14B0-F81C-4C7A-B1EF-EF8C4D779576",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5317:*:*:*:*:*:*",
              "matchCriteriaId": "219F3924-899B-4D14-90FF-E1F8B8A6B5F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5318:*:*:*:*:*:*",
              "matchCriteriaId": "4C222551-E231-43E3-98BD-773FDB68D589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5319:*:*:*:*:*:*",
              "matchCriteriaId": "DAD582DE-6811-4D78-899C-933D1D409EF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5320:*:*:*:*:*:*",
              "matchCriteriaId": "7D7BF363-19F5-4655-9A8C-AFF535AF0558",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5321:*:*:*:*:*:*",
              "matchCriteriaId": "962CABE0-C8AF-4C2F-81D7-12D232C390F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5322:*:*:*:*:*:*",
              "matchCriteriaId": "613D8FD3-7086-4E59-A012-884A094BAD6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5323:*:*:*:*:*:*",
              "matchCriteriaId": "7D14A1B5-95A8-4F62-B06A-8BA4641CC35E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5324:*:*:*:*:*:*",
              "matchCriteriaId": "F3C27B95-B5AB-4BBD-9701-85560CC020CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5325:*:*:*:*:*:*",
              "matchCriteriaId": "7B46B8A8-2C90-44C8-A5C9-186593D0A556",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5326:*:*:*:*:*:*",
              "matchCriteriaId": "2CA0E58E-2535-422A-AF35-3EF017792570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5327:*:*:*:*:*:*",
              "matchCriteriaId": "8CC89F07-DD8C-4DD9-BE80-D9DA689A4D19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5328:*:*:*:*:*:*",
              "matchCriteriaId": "AD53F8D8-34A0-46F0-9AC9-EF088B4C9AB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5329:*:*:*:*:*:*",
              "matchCriteriaId": "A9B6BA8A-8709-4E8E-A42E-85B0E99818E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5330:*:*:*:*:*:*",
              "matchCriteriaId": "B0F00049-CA99-4A6B-B347-78768BF19DB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5400:*:*:*:*:*:*",
              "matchCriteriaId": "30A10B00-E8DD-445D-AFC3-DC7DAF42724F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5500:*:*:*:*:*:*",
              "matchCriteriaId": "CBEEB6C7-764D-4012-9656-FC76F43A53EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5501:*:*:*:*:*:*",
              "matchCriteriaId": "86F5057B-4DFA-43A0-B604-9CACEEE926E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5502:*:*:*:*:*:*",
              "matchCriteriaId": "5EF382C0-392B-4DA9-AFA2-3CD933615E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5503:*:*:*:*:*:*",
              "matchCriteriaId": "78019D71-4598-4095-AAF4-13DCD93F842F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5504:*:*:*:*:*:*",
              "matchCriteriaId": "3C6F69D0-1595-42E9-B812-63C133965E16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5505:*:*:*:*:*:*",
              "matchCriteriaId": "30D743E2-FE10-43BB-9514-4581F33F2C34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5506:*:*:*:*:*:*",
              "matchCriteriaId": "D4639A68-BAA3-4669-B2F1-AD381A25464D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5507:*:*:*:*:*:*",
              "matchCriteriaId": "DF69BD50-A3B7-4C9C-83ED-088EBB977F0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5508:*:*:*:*:*:*",
              "matchCriteriaId": "0313F401-85DC-4DF0-AEAD-A8D6885902CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5509:*:*:*:*:*:*",
              "matchCriteriaId": "924F6A44-0E30-46A9-990E-DA44AA61C012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5510:*:*:*:*:*:*",
              "matchCriteriaId": "C514F02D-DB00-4B05-A53C-A13310FE9E4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5511:*:*:*:*:*:*",
              "matchCriteriaId": "D013876C-9433-4576-84B5-464649CC8199",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5512:*:*:*:*:*:*",
              "matchCriteriaId": "8DFA286F-0C4E-4C56-8FFB-15481594FE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5513:*:*:*:*:*:*",
              "matchCriteriaId": "D86056BB-3CF4-4C8A-B685-1E88E25429F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5514:*:*:*:*:*:*",
              "matchCriteriaId": "BDE0C598-57A7-4EEF-A98C-44B871955BC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5515:*:*:*:*:*:*",
              "matchCriteriaId": "C6F752FD-8B2C-4636-B7DD-343D2DEDE7F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5516:*:*:*:*:*:*",
              "matchCriteriaId": "B435C1CA-2DD6-4DC7-B7B1-9B232EA5CFC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5517:*:*:*:*:*:*",
              "matchCriteriaId": "48A77EA0-C382-4A81-9EE3-48F7AC8AFEA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5518:*:*:*:*:*:*",
              "matchCriteriaId": "48907141-7B99-4D1A-955D-7E98B46E5A9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5519:*:*:*:*:*:*",
              "matchCriteriaId": "C894A206-F09A-4D6A-9675-618CD8FEFD08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5520:*:*:*:*:*:*",
              "matchCriteriaId": "52028275-3CFA-4AB0-8013-018FF88C11B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5521:*:*:*:*:*:*",
              "matchCriteriaId": "2864B47E-79C8-4FE4-97E5-3C85C926CA21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5600:*:*:*:*:*:*",
              "matchCriteriaId": "627B72C4-8311-414D-AA55-EC5F71794F58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5601:*:*:*:*:*:*",
              "matchCriteriaId": "74839837-94FC-4A6F-8DE2-358A7AD28D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5602:*:*:*:*:*:*",
              "matchCriteriaId": "66B9BB15-FA78-4C05-8670-610DD790FF75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5603:*:*:*:*:*:*",
              "matchCriteriaId": "166217A8-C306-4C79-A33F-D45032F2D1E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5604:*:*:*:*:*:*",
              "matchCriteriaId": "EFC0E47A-8807-441D-BEFA-1E9A71EDA7C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5605:*:*:*:*:*:*",
              "matchCriteriaId": "06395B41-9538-42FF-8ADB-E750F5C5B2C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5606:*:*:*:*:*:*",
              "matchCriteriaId": "0DF7379A-F56E-4A2D-8099-2C0E72B8ACA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5700:*:*:*:*:*:*",
              "matchCriteriaId": "76008ABA-2A6F-4EF9-B9F4-3CA996C1C5DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5701:*:*:*:*:*:*",
              "matchCriteriaId": "7C9E0FFE-2C4E-4157-B6CB-D547DE62E8E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation."
    },
    {
      "lang": "es",
      "value": "Zoho ManageEngine ADSelfService Plus, en versiones 5.7 anteriores a la build 5702, tiene Cross-Site Scripting (XSS) en la implementaci\u00f3n del dise\u00f1o de autoactualizaci\u00f3n."
    }
  ],
  "id": "CVE-2018-20484",
  "lastModified": "2024-11-21T04:01:34.643",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-12-26T18:29:00.543",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/products/self-service-password/release-notes.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://packetstormsecurity.com/files/152793/Zoho-ManageEngine-ADSelfService-Plus-5.7-Cross-Site-Scripting.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/products/self-service-password/release-notes.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2018-20484 (GCVE-0-2018-20484)

Vulnerability from cvelistv5

gsd-2018-20484

Vulnerability from gsd

ghsa-4542-x8v2-hf3g

Vulnerability from github

fkie_cve-2018-20484

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature