ManageEngine OpManager Plus < 12.7.131 Cross-Site WebSocket Hijacking

The version of ManageEngine OpManager running on the remote web server is prior to 12.7.131. It therefore, has a vulnerability in the WebSocket endpoint that allows Cross-site WebSocket hijacking.

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.Read More

Back to Main

Subscribe for the latest news:
%d bloggers like this: