Cross-Site Scripting (XSS) Vulnerabilities in ManageEngine Firewall Analyzer 7.2

Cross-Site Scripting (XSS) Vulnerabilities in ManageEngine Firewall Analyzer 7.2

CVE-2012-4889 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) subTab or (2) tab parameter to createAnomaly.do; (3) url, (4) subTab, or (5) tab parameter to mindex.do; (6) tab parameter to index2.do; or (7) port parameter to syslogViewer.do.

Learn more about our Web App Pen Testing.