Issues Fixed in 9415

Vulnerability :

  • SD-72109 : XSS vulnerability found in the asset details page is fixed.
  • SD-71576 : XSS vulnerability found in Change Calendar is fixed.
  • SD-72080 : Directory traversal vulnerability found in file upload is fixed.
  • SD-71495 : ZipSlip vulnerability found in distributed asset scan is fixed.
  • SD-72568 : Vulnerability in deletion of default license types is fixed.
  • SD-68282 : No alert message is displayed, warning about the impacted scan types when we enable “Stop uploading scanned XMLs via non-login URL” under the Security Settings.
  • SD-71928 : Privilege Escalation Vulnerability in project module Gantt view.
  • SD-69108 : Security response headers are missing in the login form.
  • SD-71704, 71703, 71702, 71676, 71675, 71674 : GET URLs replaced with POST URLs.
  • SD-71595 : Vulnerability : Able to create a table and copy data in MSSQL.
  • SD-66826 : Vulnerable HTTP method (OPTIONS) disabled.

Requests :

  • SD-72141 : In the request history, Before Modification and After Modification sections with regards to Description changes are not displayed.

Assets :

  • SD-71491, 71490 : Failure exception message displayed during network scan is fixed.
Build Release

You may be interested in these other recent articles

18 Dec

Last Week Best ManageEngine Updates – Part 31

18 December 2023 | Nazim Nadir

Right before Christmas, ManageEngine is giving out their quality of life updates. From ServiceDesk Plus to M365 Manager Plus, you will see plenty of updates…

Read more
6 Dec

Last Week’s Best ManageEngine Updates – Part 30

6 December 2023 | Nazim Nadir

ManageEngine is named a strong performer for 2023 in last week updates. There are also new updates to their suite of applications and they have…

Read more
27 Nov

Last Week’s Best ManageEngine Updates – Part 29

27 November 2023 | Nazim Nadir

Exciting news of ManageEngine Linkedin Live webinar has been announced alongside some application updates and the release of a new E-Book. Whether you’re new to…

Read more