CVE-2020-19554

Reflected XSS vulnerability when the API key contained an XML-based XSS payload.

Vulnerability Details
Severity: Medium
Reported: 09th July, 2020
Reported by: SecurityTest@dbappsecurity.com.cn
Fixed: 17th July, 2020
Affected Builds: Builds 125176 and below.
Fixed in: Builds 12.5.177
Overview: A reflected XSS vulnerability when the API key contained an XML-based XSS payload.
Recommended Fix: For builds 12.3.xxx - 12.5.176, please upgrade to OpManager Version 12.5.437.

Description

A reflected XSS vulnerability occurs when the API key contains an XML-based XSS payload.

We recommend that you upgrade to OpManager Version 12.5.437 or contact our support team at itom-upgrades@manageengine.com to fix this issue.

Source and Acknowledgements

Find out more about CVE-2020-19554 from the CVE dictionary.

Need Help?

For clarification or corrections, please contact our support team or email us at itom-upgrades@manageengine.com.