CVE-2024-10839
HIGH WAF: High
CVSS 8.1
Published: 2024-11-08
CWE-611 CWE-611
Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity (XXE) in the Management option.
WAF Coverage Analysis
XML External Entity (XXE)
High WAF Coverage
OWASP: A05:2021 Security Misconfiguration
941xxx - XSS / XXE
XML External Entity (XXE)
High WAF Coverage
OWASP: A05:2021 Security Misconfiguration
941xxx - XSS / XXE
Affected Software
| Vendor | Product | Version |
|---|---|---|
| zohocorp | manageengine_sharepoint_manager_plus | 4.0 |
| zohocorp | manageengine_sharepoint_manager_plus | 4.0 |
| zohocorp | manageengine_sharepoint_manager_plus | 4.0 |
| zohocorp | manageengine_sharepoint_manager_plus | 4.0 |
| zohocorp | manageengine_sharepoint_manager_plus | 4.0 |
| zohocorp | manageengine_sharepoint_manager_plus | 4.0 |
| zohocorp | manageengine_sharepoint_manager_plus | 4.0 |
| zohocorp | manageengine_sharepoint_manager_plus | 4.0 |
| zohocorp | manageengine_sharepoint_manager_plus | 4.0 |
| zohocorp | manageengine_sharepoint_manager_plus | 4.0 |
References
- www.manageengine.com (Vendor Advisory)