{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-23T00:44:47.362","vulnerabilities":[{"cve":{"id":"CVE-2020-27449","sourceIdentifier":"cve@mitre.org","published":"2023-08-11T14:15:10.840","lastModified":"2026-06-17T03:09:13.997","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting (XSS) vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote attackers to execute arbitrary code and steal cookies via crafted JavaScript payload."},{"lang":"es","value":"Una vulnerabilidad de Cross-Site Scripting (XSS) en la función Query Report en Zoho ManageEngine Password Manager Pro versión 11001, permite a atacantes remotos ejecutar código arbitrario y robar cookies a través de un payload JavaScript manipulado. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-09T19:16:03.114274Z","id":"CVE-2020-27449","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_password_manager_pro:11.1:build_11101:*:*:*:*:*:*","matchCriteriaId":"564A39DB-D202-4223-97E9-E6378CE69013"}]}]}],"references":[{"url":"https://bugbounty.zoho.com/bb/#/bug/101000003619211","source":"cve@mitre.org","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://www.manageengine.com/products/passwordmanagerpro/release-notes.html#pmp11002","source":"cve@mitre.org","tags":["Product","Release Notes"]},{"url":"https://bugbounty.zoho.com/bb/#/bug/101000003619211","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://www.manageengine.com/products/passwordmanagerpro/release-notes.html#pmp11002","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Release Notes"]}]}}]}