Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 13 via the comment field when adding a new status comment.
https://www.manageengine.com/products/service-desk/CVE-2023-23077.html
https://bugbounty.zohocorp.com/bb/#/bug/101000006387693?tab=originator