# Security Updates - CVE-2017-11560 | ManageEngine OpManager

## CVE-2017-11560

### HTML Injection vulnerability

## Vulnerability Details

| Field | Details |
|---|---|
| Impact | **CVSS V3 rating: 5.4 (Medium)** |
| Reported | 22 July 2017 |
| Fixed | 22 July 2019 |
| Affected Builds | Till Build 12200 |
| Fixed in | Build 124033 |
| Overview | HTML Injection vulnerability |
| Recommended Fix | **Upgrade to [OpManager Version 12.4.033](https://www.manageengine.com/network-monitoring/service-packs.html?124033) or above.** |

## Description

It was possible to inject HTML content while uploading the `map.html` file. The HTML Injection vulnerability issue in Google Maps has now been fixed.

We recommend that you [upgrade to OpManager Version 12.4.033](https://www.manageengine.com/network-monitoring/service-packs.html?124033) or above to fix this issue.

## Source and Acknowledgements

Find out more about CVE-2017-11560 from the [CVE dictionary](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11560).

## Need Help?

For clarification or corrections please contact our [support team](https://www.manageengine.com/network-monitoring/support.html) or email us at [opmanager-support@manageengine.com](mailto:opmanager-support@manageengine.com).