| Vulnerability Details | |
|---|---|
| Impact | CVSS V3 rating: 10 (Critical) |
| Reported | 13 Oct 2018 |
| Fixed | 13 Nov 2018 |
| Affected Builds | Till Build 123222 |
| Fixed in | Build 123223 |
| Overview | XSS vulnerability in updating Widgets API |
| Recommended Fix | Upgrade to OpManager Version 12.3.239 or above. |
A XSS vulnerability was discovered in OpManager before version 12.3.223. This vulnerability was via the updateWidget API. We recommend that you upgrade to OpManager Version 12.3.223 or above to fix this issue.
Source and Acknowledgements
Find out more about CVE-2018-19288 from the CVE dictionary.
For clarification or corrections please contact our support team or email us at opmanager-support@manageengine.com.