# Security Updates - CVE-2018-18475 | ManageEngine OpManager

## CVE-2018-18475

### XSS vulnerability

## Vulnerability Details

| Field | Details |
|---|---|
| Impact | **CVSS V3 rating: 10 (Critical)** |
| Reported | 10 Sept 2018 |
| Fixed | 10 Oct 2018 |
| Affected Builds | Till Build 123208 |
| Fixed in | Build 123214 |
| Overview | Unrestricted file upload vulnerability in Business view. |
| Recommended Fix | **Upgrade to [OpManager Version 12.3.239](https://www.manageengine.com/network-monitoring/service-packs.html) or above.** |

## Description

An unrestricted file upload vulnerability was discovered in OpManager before version 12.3.214. This occurred when uploading a background image in Business view. We recommend that you [upgrade to OpManager Version 12.3.214](https://www.manageengine.com/network-monitoring/service-packs.html) or above to fix this issue.

## Source and Acknowledgements

Find out more about CVE-2018-18475 from the [CVE dictionary](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18475).

## Need Help?

For clarification or corrections please contact our [support team](https://www.manageengine.com/network-monitoring/support.html) or email us at [opmanager-support@manageengine.com](mailto:opmanager-support@manageengine.com).

## Related Products

- [Network Monitoring](https://www.manageengine.com/network-monitoring/?relPrd)
- [Bandwidth Monitoring & Traffic Analysis](https://www.manageengine.com/products/netflow/?relPrd)
- [Network Configuration Management](https://www.manageengine.com/network-configuration-manager/?relPrd)
- [Switch Port & IP Address Management](https://www.manageengine.com/products/oputils/?relPrd)
- [Firewall Management](https://www.manageengine.com/products/firewall/?relPrd)
- [Network Monitoring Software for MSPs](https://www.manageengine.com/network-monitoring-msp/?relPrd)
- [IT Operations Management](https://www.manageengine.com/it-operations-management/)
- [Application Performance Monitoring](https://www.manageengine.com/products/applications_manager/?relPrd)