Cross site scripting

2019-05-0214:29:00

PRIOn knowledge base

www.prio-n.com

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.7%

JSON

The user defined DNS name in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to stored XSS attacks.

CPENameOperatorVersion
manageengine_firewall_analyzereq7.2 7021
manageengine_firewall_analyzereq7.2 7020
manageengine_firewall_analyzereq7.4 7400
manageengine_firewall_analyzereq8.0 8000
manageengine_firewall_analyzereq7.6 7600
manageengine_firewall_analyzereq8.1 8110
manageengine_firewall_analyzereq8.3 8300
manageengine_firewall_analyzereq8.5 8500
manageengine_firewall_analyzereq12.0 12000
manageengine_firewall_analyzereq12.2 12200

Name	Operator	Version
manageengine_firewall_analyzer	eq	7.2 7021
manageengine_firewall_analyzer	eq	7.2 7020
manageengine_firewall_analyzer	eq	7.4 7400
manageengine_firewall_analyzer	eq	8.0 8000
manageengine_firewall_analyzer	eq	7.6 7600
manageengine_firewall_analyzer	eq	8.1 8110
manageengine_firewall_analyzer	eq	8.3 8300
manageengine_firewall_analyzer	eq	8.5 8500
manageengine_firewall_analyzer	eq	12.0 12000
manageengine_firewall_analyzer	eq	12.2 12200