An issue exists in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or swComplianceType.
zohocorp manageengine assetexplorer 6.5