CVE-2023-29443

Published: 2023-04-26T21:15Z

Last Modified: 2025-02-03T20:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Zoho ManageEngine ServiceDesk Plus before 14105, ServiceDesk Plus MSP before 14200, SupportCenter Plus before 14200, and AssetExplorer before 6989 allow SDAdmin attackers to conduct XXE attacks via a crafted server that sends malformed XML from a Reports integration API endpoint. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt