CVE-2023-49943 Information

Description

Zoho ManageEngine ServiceDesk Plus MSP before 14504 allows stored XSS (by a low-privileged technician) via a task’s name in a time sheet.

Reference

https://manageengine.com https://www.manageengine.com/products/service-desk-msp/CVE-2023-49943.html