ZOHO ManageEngine SupportCenter Plus is a web-based customer support software from ZOHO, Inc. A cross-site scripting vulnerability exists in ZOHO ManageEngine SupportCenter Plus, which stems from the productβs failure to validate user identities and could be exploited by attackers to obtain a victimβs cookie-based authentication credentials of the victim.