Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGO_PATH key value in the logon settings. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
XSS
Zoho
Manageengine Log360
NVD
CVSS 3.1
6.1
EPSS
0.8%
Zoho ManageEngine Log360 before Build 5225 allows stored XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
XSS
Zoho
Manageengine Log360
NVD
CVSS 3.1
6.1
EPSS
0.8%