CVE-2019-8394

Zoho ManageEngine ServiceDesk Plus (SDP) File Upload Vulnerability

Zoho ManageEngine ServiceDesk Plus (SDP) contains an unspecified vulnerability that allows remote users to upload files via login page customization. Vendor/Product: Zoho ManageEngine. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2019-8394