ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from a Reflected Cross-Site Scripting vulnerability. Applications Manager is prone to a Cross-Site Scripting vulnerability in parameter LIMIT, in URL path /DiagAlertAction.do?REQTYPE=AJAX&LIMIT=1233. The URL is also available without authentication.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
manageengine applications manager 13.0 |
||
manageengine applications manager 12.0 |