CVE-2019-12540

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 10.5. There is XSS via the WorkOrder.do search field.
Source: NIST
CVE-2019-12540