2 matches found
CVE-2014-3779
CVE-2014-3779 describes a cross-site scripting (XSS) vulnerability in Zoho ManageEngine ADSelfService Plus prior to 5.2 Build 5202. The issue arises in the web interface where the parameter named “name” passed to GroupSubscription.do is not properly sanitized, allowing remote attackers to inject ...
ADSelfservice Plus 5.1 Cross Site Scripting
Security Advisory : Exploit Title: Manageengine ADSelfservice Plus Reflected Cross Site Scripting XSS Google dork : N/A Exploit Author: Blessen Thomas Date : 03-01-2015 Vendor Homepage : Software Link : N/A Version : ADSelfservice Plus version 5.1 Build :5102 , Evaluation version Trial Tested on...