What is CVE-2018-12998?

CVE-2018-12998 is a vulnerability in N/a. Published 2018-06-29.

Is CVE-2018-12998 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-12998

A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Ana…

EPSS: 0.541 (98.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-… (x_refsource_MISC)
github.com/unh3x/just4cve/issues/10 (x_refsource_MISC)
www.cnnvd.org.cn/web/xxk/ldxqById.tag (x_refsource_MISC)
20180720 [CVE-2018-12998]Zoho manageengine Reflected XSS in multiple Products (mailing-list, x_refsource_FULLDISC)

Frequently asked questions

What is CVE-2018-12998?: CVE-2018-12998 is a vulnerability in N/a. Published 2018-06-29.
Is CVE-2018-12998 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.