Known vulnerabilities in Zoho Corporation Zoho ManageEngine ServiceDesk Plus

Vendor: Zoho Corporation
Website: https://www.zohocorp.com/index.html
Total Security Bulletins: 20

Security bulletins (20)

Secuity bulletin Severity Status Published
SB2025081958: Privilege escalation in ManageEngin ServiceDesk Plus and ServiceDesk Plus MSP Medium
Patched
19.08.2025
SB2025040723: Stored XSS in ManageEngine ServiceDesk and SupportCenter Low
Patched
07.04.2025
SB2023050922: Multiple vulnerabilities in Zoho ManageEngine ServiceDesk Plus Medium
Patched
09.05.2023
SB2023041102: Insufficient logging in ServiceDesk Plus Low
Patched
11.04.2023
SB2023022353: Multiple vulnerabilities in ServiceDesk Plus Medium
Patched
23.02.2023
SB2023012510: Multiple vulnerabilities in Zoho ManageEngine ServiceDesk Plus Medium
Patched
25.01.2023
SB2023011718: Remote code execution in multiple Zoho ManageEngine products Critical
Patched Exploited
17.01.2023
SB2022122704: Multiple vulnerabilities in Zoho ManageEngine ServiceDesk Plus Medium
Patched
27.12.2022
SB2022112419: XXE in ServiceDesk Plus Low
Patched
24.11.2022
SB2022112404: Command injection in Zoho ManageEngine ServiceDesk Plus Low
Patched
24.11.2022
SB2022012773: XSS in Zoho ManageEngine ServiceDesk Plus Low
Patched
27.01.2022
SB2021120304: Remote code execution in Zoho ManageEngine ServiceDesk Plus Critical
Patched Exploited
03.12.2021
SB2021061406: Remote code execution in ManageEngine ServiceDesk Plus Low
Patched
14.06.2021
SB2021040907: Stored cross-site scripting in Zoho ManageEngine ServiceDesk Plus and AssetExplorer Low
Patched
09.04.2021
SB2020052028: Multiple vulnerabilities in Zoho ManageEngine ServiceDesk Plus Medium
Patched
20.05.2020
SB2020052027: Improper Authentication in Zoho ManageEngine ServiceDesk Plus High
Patched
20.05.2020
SB2020052026: Multiple vulnerabilities in Zoho ManageEngine ServiceDesk Plus Medium
Patched
20.05.2020
SB2020051914: Multiple vulnerabilities in Zoho ManageEngine ServiceDesk Plus Medium
Patched
19.05.2020
SB2020012816: Cross-site scripting in Zoho ManageEngine ServiceDesk Plus Low
Patched
28.01.2020
SB2018052311: Cross-site scripting in Zoho ManageEngine ServiceDesk Plus Low
Patched
23.05.2018