ManageEngine EventLog Analyzer event/j_security_check j_username Parameter Reflected XSS
================================================================================================================================================================ManageEngine EventLog Analyzer 8.6 cross-site scripting (XSS) Vulnerability
================================================================================================================================================================
#Date- 12/12/2013
# code by Asheesh kumar Mani Tripathi
http://www.osvdb.org/show/osvdb/102270
http://www.osvdb.org/show/osvdb/102270
# Credit by Asheesh Anaconda
#Vulnerbility
ManageEngine EventLog Analyzer 8.6 is prone to an cross-site scripting (XSS) Vulnerability because the application fails to properly
sanitize user-supplied input
#Impact
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities
No comments:
Post a Comment