CVE-2023-38333

Summary

CVE-2023-38333 is a newly disclosed vulnerability affecting the Zoho ManageEngine Applications Manager version 16530 and below. This issue permits Reflected Cross-Site Scripting (XSS) attacks, allowing malicious actors to inject malicious code into a webpage viewed by other users. As a result, affected users may unwittingly expose sensitive information or unintentionally execute unauthorized actions. Successful exploitation of this vulnerability could lead to significant security risks, including data theft or unauthorized system access. Users are strongly urged to update their Applications Manager software to the latest available version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.