Zoho ManageEngine OpManager 12.3 allows Stored XSS

Posted by Hakan Bayır on Oct 31I. VULNERABILITY
————————-
Zoho ManageEngine OpManager 12.3 allows stored XSS

II. CVE REFERENCE
————————-
CVE-2018-18715

III. VENDOR
————————-
https://www.manageengine.com

IV. TIMELINE
————————-
09/10/18 Vulnerability discovered
09/10/18 Vendor contacted
26/10/2018 OPManager replay that they fixed

V. CREDIT
————————-
Hakan Bayir at Biznet Bilisim A.S.

VI….

Link: http://seclists.org/bugtraq/2018/Oct/60