fkie_cve-2019-11511
Vulnerability from fkie_nvd
Published
2019-04-25 03:29
Modified
2024-11-21 04:21
Severity ?
6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Zoho ManageEngine ADSelfService Plus before build 5708 has XSS via the mobile app API.
References
cve@mitre.orghttps://www.manageengine.com/products/self-service-password/release-notes.html#5708Release Notes, Vendor Advisory
cve@mitre.orghttps://zeroauth.ltd/blog/2019/05/26/cve-2019-11511-zoho-manageengine-adselfservice-plus-xss/
af854a3a-2127-422b-91ae-364da2661108https://www.manageengine.com/products/self-service-password/release-notes.html#5708Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://zeroauth.ltd/blog/2019/05/26/cve-2019-11511-zoho-manageengine-adselfservice-plus-xss/
Impacted products
Vendor Product Version
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7
zohocorp manageengine_adselfservice_plus 5.7


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:4500:*:*:*:*:*:*",
              "matchCriteriaId": "796A4512-DC6E-42A1-9A57-D4F446A9BC34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5032:*:*:*:*:*:*",
              "matchCriteriaId": "4C202C90-B792-4E0C-B7A9-C06FDB7C30DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5040:*:*:*:*:*:*",
              "matchCriteriaId": "42F19FC5-6C75-458A-9B90-376D0D1B0C59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5041:*:*:*:*:*:*",
              "matchCriteriaId": "6DC23258-D431-40C0-9853-E08D36A225FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5100:*:*:*:*:*:*",
              "matchCriteriaId": "D8AF9E70-E4F7-4BB1-9D49-33633AB9CE82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5101:*:*:*:*:*:*",
              "matchCriteriaId": "D1174A0E-EFA2-4FAA-B42A-A0D4FAAD592D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5102:*:*:*:*:*:*",
              "matchCriteriaId": "A99912DA-82E6-4FD6-8916-635637941335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5103:*:*:*:*:*:*",
              "matchCriteriaId": "FC5FA48C-6B99-4B80-9256-694BD4174557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5104:*:*:*:*:*:*",
              "matchCriteriaId": "6D860882-A106-4771-87DF-9ADE482F41DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5105:*:*:*:*:*:*",
              "matchCriteriaId": "0DD127BF-200A-45F5-9357-5024C76E7B12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5106:*:*:*:*:*:*",
              "matchCriteriaId": "8D2143C4-D4A0-4AE5-86D2-D3DEFD27C9E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5107:*:*:*:*:*:*",
              "matchCriteriaId": "1745145D-493D-4181-B011-46490BBF5A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5108:*:*:*:*:*:*",
              "matchCriteriaId": "8A9605CA-8368-47D1-964A-684E099212D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5109:*:*:*:*:*:*",
              "matchCriteriaId": "109303F0-F6C6-4BC7-9011-BAAD6B1D043E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5110:*:*:*:*:*:*",
              "matchCriteriaId": "39BC2BEF-89B7-48F0-BAFC-26B1DE0E7EB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5111:*:*:*:*:*:*",
              "matchCriteriaId": "BA12CCBE-5C43-4FF8-A9A5-63B91AA14C2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5112:*:*:*:*:*:*",
              "matchCriteriaId": "270B44CA-F153-4EF8-8E0B-276E80C8ADB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5113:*:*:*:*:*:*",
              "matchCriteriaId": "6EC9A6C6-3D3E-411F-89EF-CAFCF66D8222",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5114:*:*:*:*:*:*",
              "matchCriteriaId": "CD55F212-950A-4421-9C73-80287647719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5115:*:*:*:*:*:*",
              "matchCriteriaId": "61E19A98-DF1A-44B0-AB69-6822F9110FE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5116:*:*:*:*:*:*",
              "matchCriteriaId": "7AA56B14-E4B5-4373-81F3-ECFD30DC897B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5200:*:*:*:*:*:*",
              "matchCriteriaId": "77F2C9F3-67ED-4337-9EC8-A164ADCBFB5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5201:*:*:*:*:*:*",
              "matchCriteriaId": "DE73451C-7289-4832-84A7-1A9D8CFE5EF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5202:*:*:*:*:*:*",
              "matchCriteriaId": "74AB64C4-625A-4369-8F16-3145B85A5DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5203:*:*:*:*:*:*",
              "matchCriteriaId": "5C8E8A1A-AA00-48AC-BB5F-59DA174A4F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5204:*:*:*:*:*:*",
              "matchCriteriaId": "797C805C-68D4-4B5A-8AD8-C2036692C616",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5205:*:*:*:*:*:*",
              "matchCriteriaId": "50D245E8-5719-41B6-95C0-A2CACE88676D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5206:*:*:*:*:*:*",
              "matchCriteriaId": "809A4666-41E7-48B8-A9FA-A24A71EC5A1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5207:*:*:*:*:*:*",
              "matchCriteriaId": "6BEADFCD-8A32-4D59-908A-37E9E3A52E49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5300:*:*:*:*:*:*",
              "matchCriteriaId": "28409900-B268-437E-B474-1CDF7C654161",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5301:*:*:*:*:*:*",
              "matchCriteriaId": "E4A44B27-87F1-47F2-8596-663C63F4C1DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5302:*:*:*:*:*:*",
              "matchCriteriaId": "7ACD689D-709B-471F-9C86-66E22E91DBCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5303:*:*:*:*:*:*",
              "matchCriteriaId": "749731D7-2431-4DBC-9E76-4BFB8F8C57C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5304:*:*:*:*:*:*",
              "matchCriteriaId": "5B0B3278-EE00-40F5-8372-9AFA6F44B765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5305:*:*:*:*:*:*",
              "matchCriteriaId": "916DEBE1-C3AB-415B-9463-1A4253F609C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5306:*:*:*:*:*:*",
              "matchCriteriaId": "5CFBBCCD-7625-4C73-AFCA-924DFAC48BC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5307:*:*:*:*:*:*",
              "matchCriteriaId": "FA24BDA1-675D-45E2-A0F8-041CC6DF1D39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5308:*:*:*:*:*:*",
              "matchCriteriaId": "CE4EA03B-33D0-4057-A80C-4AF69D22FF38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5309:*:*:*:*:*:*",
              "matchCriteriaId": "0BA96538-C2F8-42C2-AF49-55B7D216B17B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5310:*:*:*:*:*:*",
              "matchCriteriaId": "D9227C12-AFD7-4481-8495-998F9AB4E668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5311:*:*:*:*:*:*",
              "matchCriteriaId": "17755902-5421-45C1-8952-70771E8C79A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5312:*:*:*:*:*:*",
              "matchCriteriaId": "CA16BF41-2F02-422A-A92F-40EA8BF7A75F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5313:*:*:*:*:*:*",
              "matchCriteriaId": "54C11E83-F0BA-4C47-875E-7CFEC447728E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5314:*:*:*:*:*:*",
              "matchCriteriaId": "DDF73A07-905D-4F26-848B-84C3A9F1630C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5315:*:*:*:*:*:*",
              "matchCriteriaId": "5EE92704-67CE-4D3A-97D1-BEAB1CFFC70C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5316:*:*:*:*:*:*",
              "matchCriteriaId": "ABFB14B0-F81C-4C7A-B1EF-EF8C4D779576",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5317:*:*:*:*:*:*",
              "matchCriteriaId": "219F3924-899B-4D14-90FF-E1F8B8A6B5F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5318:*:*:*:*:*:*",
              "matchCriteriaId": "4C222551-E231-43E3-98BD-773FDB68D589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5319:*:*:*:*:*:*",
              "matchCriteriaId": "DAD582DE-6811-4D78-899C-933D1D409EF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5320:*:*:*:*:*:*",
              "matchCriteriaId": "7D7BF363-19F5-4655-9A8C-AFF535AF0558",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5321:*:*:*:*:*:*",
              "matchCriteriaId": "962CABE0-C8AF-4C2F-81D7-12D232C390F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5322:*:*:*:*:*:*",
              "matchCriteriaId": "613D8FD3-7086-4E59-A012-884A094BAD6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5323:*:*:*:*:*:*",
              "matchCriteriaId": "7D14A1B5-95A8-4F62-B06A-8BA4641CC35E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5324:*:*:*:*:*:*",
              "matchCriteriaId": "F3C27B95-B5AB-4BBD-9701-85560CC020CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5325:*:*:*:*:*:*",
              "matchCriteriaId": "7B46B8A8-2C90-44C8-A5C9-186593D0A556",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5326:*:*:*:*:*:*",
              "matchCriteriaId": "2CA0E58E-2535-422A-AF35-3EF017792570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5327:*:*:*:*:*:*",
              "matchCriteriaId": "8CC89F07-DD8C-4DD9-BE80-D9DA689A4D19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5328:*:*:*:*:*:*",
              "matchCriteriaId": "AD53F8D8-34A0-46F0-9AC9-EF088B4C9AB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5329:*:*:*:*:*:*",
              "matchCriteriaId": "A9B6BA8A-8709-4E8E-A42E-85B0E99818E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5330:*:*:*:*:*:*",
              "matchCriteriaId": "B0F00049-CA99-4A6B-B347-78768BF19DB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5400:*:*:*:*:*:*",
              "matchCriteriaId": "30A10B00-E8DD-445D-AFC3-DC7DAF42724F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5500:*:*:*:*:*:*",
              "matchCriteriaId": "CBEEB6C7-764D-4012-9656-FC76F43A53EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5501:*:*:*:*:*:*",
              "matchCriteriaId": "86F5057B-4DFA-43A0-B604-9CACEEE926E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5502:*:*:*:*:*:*",
              "matchCriteriaId": "5EF382C0-392B-4DA9-AFA2-3CD933615E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5503:*:*:*:*:*:*",
              "matchCriteriaId": "78019D71-4598-4095-AAF4-13DCD93F842F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5504:*:*:*:*:*:*",
              "matchCriteriaId": "3C6F69D0-1595-42E9-B812-63C133965E16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5505:*:*:*:*:*:*",
              "matchCriteriaId": "30D743E2-FE10-43BB-9514-4581F33F2C34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5506:*:*:*:*:*:*",
              "matchCriteriaId": "D4639A68-BAA3-4669-B2F1-AD381A25464D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5507:*:*:*:*:*:*",
              "matchCriteriaId": "DF69BD50-A3B7-4C9C-83ED-088EBB977F0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5508:*:*:*:*:*:*",
              "matchCriteriaId": "0313F401-85DC-4DF0-AEAD-A8D6885902CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5509:*:*:*:*:*:*",
              "matchCriteriaId": "924F6A44-0E30-46A9-990E-DA44AA61C012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5510:*:*:*:*:*:*",
              "matchCriteriaId": "C514F02D-DB00-4B05-A53C-A13310FE9E4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5511:*:*:*:*:*:*",
              "matchCriteriaId": "D013876C-9433-4576-84B5-464649CC8199",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5512:*:*:*:*:*:*",
              "matchCriteriaId": "8DFA286F-0C4E-4C56-8FFB-15481594FE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5513:*:*:*:*:*:*",
              "matchCriteriaId": "D86056BB-3CF4-4C8A-B685-1E88E25429F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5514:*:*:*:*:*:*",
              "matchCriteriaId": "BDE0C598-57A7-4EEF-A98C-44B871955BC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5515:*:*:*:*:*:*",
              "matchCriteriaId": "C6F752FD-8B2C-4636-B7DD-343D2DEDE7F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5516:*:*:*:*:*:*",
              "matchCriteriaId": "B435C1CA-2DD6-4DC7-B7B1-9B232EA5CFC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5517:*:*:*:*:*:*",
              "matchCriteriaId": "48A77EA0-C382-4A81-9EE3-48F7AC8AFEA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5518:*:*:*:*:*:*",
              "matchCriteriaId": "48907141-7B99-4D1A-955D-7E98B46E5A9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5519:*:*:*:*:*:*",
              "matchCriteriaId": "C894A206-F09A-4D6A-9675-618CD8FEFD08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5520:*:*:*:*:*:*",
              "matchCriteriaId": "52028275-3CFA-4AB0-8013-018FF88C11B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5521:*:*:*:*:*:*",
              "matchCriteriaId": "2864B47E-79C8-4FE4-97E5-3C85C926CA21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5600:*:*:*:*:*:*",
              "matchCriteriaId": "627B72C4-8311-414D-AA55-EC5F71794F58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5601:*:*:*:*:*:*",
              "matchCriteriaId": "74839837-94FC-4A6F-8DE2-358A7AD28D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5602:*:*:*:*:*:*",
              "matchCriteriaId": "66B9BB15-FA78-4C05-8670-610DD790FF75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5603:*:*:*:*:*:*",
              "matchCriteriaId": "166217A8-C306-4C79-A33F-D45032F2D1E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5604:*:*:*:*:*:*",
              "matchCriteriaId": "EFC0E47A-8807-441D-BEFA-1E9A71EDA7C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5605:*:*:*:*:*:*",
              "matchCriteriaId": "06395B41-9538-42FF-8ADB-E750F5C5B2C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5606:*:*:*:*:*:*",
              "matchCriteriaId": "0DF7379A-F56E-4A2D-8099-2C0E72B8ACA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5607:*:*:*:*:*:*",
              "matchCriteriaId": "FE8675BC-B0AA-4067-B079-FCAE97519B0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5700:*:*:*:*:*:*",
              "matchCriteriaId": "76008ABA-2A6F-4EF9-B9F4-3CA996C1C5DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5701:*:*:*:*:*:*",
              "matchCriteriaId": "7C9E0FFE-2C4E-4157-B6CB-D547DE62E8E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5702:*:*:*:*:*:*",
              "matchCriteriaId": "73FB7AA8-4BA9-49D4-A950-C33FA4C59CD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5703:*:*:*:*:*:*",
              "matchCriteriaId": "B8115A1F-DFFA-4C7D-90A7-1C7585FA1F30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5704:*:*:*:*:*:*",
              "matchCriteriaId": "59408AE1-F8C3-48A7-BF31-ABB4173E42D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5705:*:*:*:*:*:*",
              "matchCriteriaId": "0DB0AFE4-2631-4A5E-BC08-1CF733FD7457",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5706:*:*:*:*:*:*",
              "matchCriteriaId": "82FD8A24-2D01-4D2A-ADDE-51EBCC189332",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.7:5707:*:*:*:*:*:*",
              "matchCriteriaId": "3CDD178D-9CE8-4FC9-8388-BB89DC949924",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Zoho ManageEngine ADSelfService Plus before build 5708 has XSS via the mobile app API."
    },
    {
      "lang": "es",
      "value": "Zoho ManageEngine ADSelfService Plus, en versiones anteriores del build 5708, es vulnerable a un XSS a trav\u00e9s de la API de aplicaciones m\u00f3viles."
    }
  ],
  "id": "CVE-2019-11511",
  "lastModified": "2024-11-21T04:21:14.457",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-04-25T03:29:00.243",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/products/self-service-password/release-notes.html#5708"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://zeroauth.ltd/blog/2019/05/26/cve-2019-11511-zoho-manageengine-adselfservice-plus-xss/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/products/self-service-password/release-notes.html#5708"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://zeroauth.ltd/blog/2019/05/26/cve-2019-11511-zoho-manageengine-adselfservice-plus-xss/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.