CVE-2023-23077
Published Feb 1, 2023
Last updated 2 years ago
Overview
- Description
- Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 13 via the comment field when adding a new status comment.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.1
- Impact score
- 2.7
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F47FA243-5596-4E18-B7FA-F3301F5ADF0A"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13000:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0B75973-355C-447E-BBEA-18459A5736C8"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13001:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E45A9C9-EE09-493E-AE75-BACCD86B97EB"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13002:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4509077B-AD20-49B3-B23D-A0BC9E7A07E1"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13003:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B5066A4-D8F9-452D-9686-49B5B33EE326"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13004:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A221A081-71CD-437F-9FE2-6A255A816BD3"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13005:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "883692B3-A95D-46F5-9E52-7694AF30CBAA"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13006:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3C36A1A-9E47-4343-936A-711C7234D125"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13007:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D7875DEA-DE8F-4AF1-BCE7-FDF2A59C1DED"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13008:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "702DC6C6-7EC3-4897-96E5-4F7DAED23170"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13009:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4D2A501-3100-484B-A0B9-7BD10DB9D14A"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13010:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2E24BFE-8EA8-4CDF-991B-A005E299518D"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13011:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93E24D9D-333B-4EAB-AD78-E568FE2C07EF"
},
{
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:13.0:13012:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF090E94-1878-400A-8E4E-26F2E1161A2A"
}
],
"operator": "OR"
}
]
}
]