In Zoho ManageEngine ServiceDesk Plus prior to 9403, an XSS issue allows an malicious user to run arbitrary JavaScript via a /api/request/?OPERATION_NAME= URI, aka SD-69139.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zohocorp manageengine servicedesk plus |