exploitDog

GHSA-42pm-gg43-38gr

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/index.jsp" file in the view GET parameter or any of these POST parameters: autorefTime, section, snapshot, viewOpt, viewAll, view, or groupSelName. The latter is related to CVE-2009-3903.

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/index.jsp" file in the view GET parameter or any of these POST parameters: autorefTime, section, snapshot, viewOpt, viewAll, view, or groupSelName. The latter is related to CVE-2009-3903.

Ссылки

EPSS

Процентиль: 79%

0.01257

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2019-7424

CVSS3: 6.1

nvd

почти 7 лет назад

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/index.jsp" file in the view GET parameter or any of these POST parameters: autorefTime, section, snapshot, viewOpt, viewAll, view, or groupSelName. The latter is related to CVE-2009-3903.

EPSS

Процентиль: 79%

0.01257

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79