4 matches found
ZOHO ManageEngine OpStor多个跨站脚本漏洞
CVE ID:CVE-2014-2670 Zoho ManageEngine OpStor是一个存储设备监控解决方案,帮助企业有效监控存储资源。 允许通过验证的攻击者注入恶意脚本或HTML代码,当恶意数据被查看时,可获取敏感信息或劫持用户会话。 0 ZOHO ManageEngine OpStor ManageEngine Build 8500版本已修复该漏洞,建议用户下载使用: http://www.manageengine.com/products/opstor/...
CVE-2014-2670
Cross-site scripting XSS vulnerability in Properties.do in ZOHO ManageEngine OpStor before build 8500 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter, a different vulnerability than CVE-2014-0344...
CVE-2014-2670
Cross-site scripting XSS vulnerability in Properties.do in ZOHO ManageEngine OpStor before build 8500 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter, a different vulnerability than CVE-2014-0344...
CVE-2014-2670
CVE-2014-2670 affects Zoho ManageEngine OpStor (storage device monitoring). The vulnerability is an XSS in Properties.do via the name parameter, exploitable by remote authenticated users. It is tied to builds before 8500; Build 8500 fixes the issue. The partage of exploitation details across conn...