2 matches found
CVE-2009-4387
The cross-site scripting XSS protection mechanism in ShowInContentAreaAction.do in ManageEngine Password Manager Pro PMP before 6.1 Build 6104 uses case-sensitive checks for malicious inputs, which allows remote attackers to inject arbitrary web script or HTML via the searchtext parameter and oth...
CVE-2009-4387
CVE-2009-4387 : In ManageEngine Password Manager Pro (PMP) ≤ 6.1 Build 6104, the XSS protection in ShowInContentAreaAction.do relies on case‑sensitive input checks, allowing remote attackers to inject arbitrary script/HTML via the searchtext parameter and other inputs. This bypasses the intended ...