Zoho Corp ManageEngine ServiceDesk Plus 14.0
Approved changes feed: RSS · Atom
cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.0:-:*:*:*:*:*:*
part: a version: 14.0 update: -
| Vendor | Zohocorp (4f1ab088-ab0e-54ac-b0dc-2304879a7502) |
|---|---|
| Product | Manageengine Servicedesk Plus (25373568-3a9b-52b0-9856-05e6cf15479d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-23078 |
vulnerable | 2026-06-03 14:49:20.892407 |
Details available
Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via the comment field when changing the credentials in the Assets.
Published: 2023-02-01T00:00:00.000Z
Updated: 2025-03-27T14:19:08.435Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-23074 |
vulnerable | 2026-06-03 14:49:20.847703 |
Details available
Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via embedding videos in the language component.
Published: 2023-02-01T00:00:00.000Z
Updated: 2025-03-27T14:27:27.473Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-23073 |
vulnerable | 2026-06-03 14:49:20.843386 |
Details available
Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via PO in the purchase component.
Published: 2023-02-01T00:00:00.000Z
Updated: 2025-03-27T14:29:08.008Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-40772 |
vulnerable | 2026-06-03 14:48:03.582672 |
Details available
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module.
Published: 2022-11-23T00:00:00.000Z
Updated: 2025-04-28T19:34:22.092Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-40771 |
vulnerable | 2026-06-03 14:48:03.560595 |
Details available
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to an XML External Entity attack that leads to Information Disclosure.
Published: 2022-11-23T00:00:00.000Z
Updated: 2025-04-28T19:37:36.773Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.