Cross-Site Scripting (XSS) Vulnerabilities in ManageEngine Firewall Analyzer 7.2
CVE-2012-4889 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) subTab or (2) tab parameter to createAnomaly.do; (3) url, (4) subTab, or (5) tab parameter to mindex.do; (6) tab parameter to index2.do; or (7) port parameter to syslogViewer.do.
Learn more about our Web App Pen Testing.