CVE-2020-19554

Reflected XSS vulnerability when the API key contained an XML-based XSS payload.

Vulnerability Details

Severity: Medium
Reported: 09th July, 2020
Reported by: SecurityTest@dbappsecurity.com.cn
Fixed: 17th July, 2020
Affected Builds: Builds 125176 and below.
Fixed in Builds: 12.5.177
Overview: A reflected XSS vulnerability when the API key contained an XML-based XSS payload.
Recommended Fix: For builds 12.3.xxx - 12.5.176, please upgrade to OpManager Version 12.5.437.

 

Description

A reflected XSS vulnerability could be triggered when the API key contained an XML-based XSS payload.

We recommend that you upgrade to OpManager Version 12.5.437 or contact our support team at itom-upgrades@manageengine.com to fix this issue.

Source and Acknowledgements

Find out more about CVE-2020-19554 from the CVE dictionary.

Need Help?

For clarification or corrections, please contact our support team or email us at itom-upgrades@manageengine.com.

 