Cross site scripting

2021-08-2920:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

49.7%

JSON

Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGO_PATH key value in the logon settings.

CPENameOperatorVersion
manageengine_log360eq5.2 build5219
manageengine_log360eq5.2 build5220-beta
manageengine_log360eq5.2 build5214
manageengine_log360eq5.2 build5213
manageengine_log360eq5.2 build5211
manageengine_log360eq5.2 build5210
manageengine_log360eq5.2 build5209
manageengine_log360eq5.2 build5206
manageengine_log360eq5.2 build5201
manageengine_log360eq5.2 build5200

Name	Operator	Version
manageengine_log360	eq	5.2 build5219
manageengine_log360	eq	5.2 build5220-beta
manageengine_log360	eq	5.2 build5214
manageengine_log360	eq	5.2 build5213
manageengine_log360	eq	5.2 build5211
manageengine_log360	eq	5.2 build5210
manageengine_log360	eq	5.2 build5209
manageengine_log360	eq	5.2 build5206
manageengine_log360	eq	5.2 build5201
manageengine_log360	eq	5.2 build5200

Rows per page:

1-10 of 121

References

www.manageengine.com/log-management/readme.html

0.001 Low

EPSS

Percentile

49.7%

JSON

Related for PRION:CVE-2021-40178