CVE-2020-15521
Zoho ManageEngine Applications Manager before 14 build 14730 has no protection against jsp/header.jsp Cross-site Scripting (XSS) .
Date published : 2020-09-25
https://www.manageengine.com/products/applications_manager/issues.html#v14730