CVE-2014-4930
The vulnerability is a cross-site scripting (XSS) flaw in ManageEngine EventLog Analyzer, affecting the web endpoint event/index2.do. It allows an attacker to inject arbitrary script or HTML via multiple parameters (width, height, url, helpP, tab, module, completeData, RBBNAME, TC, rtype, eventCr...