CVE-2022-24681
Published Apr 7, 2022
Last updated 2 years ago
Overview
- Description
- Zoho ManageEngine ADSelfService Plus before 6121 allows XSS via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password screen.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.1
- Impact score
- 2.7
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A79AAA12-67D4-4343-9E0B-249C07144DD8",
"versionEndExcluding": "6.1"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2320EEE-367C-4CE1-8AC4-048B97DE71F3"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6100:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B1E5484A-D834-4C7A-962C-C78CF0CDAA8B"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6101:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6FA21683-29F7-44EB-84C6-D29C6C64DE97"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6102:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7BE0B72F-2963-4666-9A82-7812BFB52DB0"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6103:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85DD7E26-B9C5-4DCC-8F50-F5884AF61105"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6104:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AC37608E-E61B-4333-8358-50C8377A1ABF"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6105:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C13EF458-FE95-49E5-9A13-04C96C3F114A"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6106:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12919644-3D85-488C-89A3-58A1FB31279D"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6107:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75206A94-9155-48D7-A378-5020877B8B97"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6108:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E50CF265-DE6F-4281-8300-06D54185AA43"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6109:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB577C00-1412-4F87-B91A-5E956EB2213F"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6110:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C7681FA-FC15-49CE-9288-3C4E361F4D21"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6111:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80F12A94-93C5-4442-8FB3-4E02E4DECCEB"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6112:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17270CDC-C800-4B5A-BEAA-83AF455BBBEA"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6113:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DAFE53B1-7736-4560-8FEF-AA0F56FEACF2"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6114:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C5491174-9BE3-4FBF-AEF5-6A313E2CEBA0"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6115:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E407C5F1-43D0-4B5D-A3B8-A48A7024CCB1"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6116:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2EC89DCA-D24A-46BB-8086-C306BB4CDABD"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6117:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "45BEF834-4A4B-4CB0-BEBF-73A03FDAC773"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6118:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E319DA11-0C76-4F52-A197-FFBF4F30BB55"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6119:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B928577F-3183-4305-9009-A8C6970477D6"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.1:6120:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE6F33B5-418E-4B38-81EB-090E4F3AF89A"
}
],
"operator": "OR"
}
]
}
]