CVE-2010-3274
Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in the Employee Search Engine in ZOHO ManageEng
Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in the Employee Search Engine in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allow remote attackers to inject arbitrary web script or HTML via the searchString parameter in a (1) showList or (2) Search action.
MEDIUM · CVSS 4.3
EPSS 0.1433
Schedule remediation
- EPSS ≥ 0.10 - elevated exploitation probability
- EPSS percentile: top 5% of all CVEs by exploitation likelihood
- Public exploit or PoC is available
Sigma rules0
YARA rules0