3 matches found
ManageEngine EventLog Analyzer 'j_username' Parameter XSS Vulnerability
ManageEngine EventLog Analyzer is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2014-5103
Cross-site scripting XSS vulnerability in ZOHO ManageEngine EventLog Analyzer 9 build 9000 allows remote attackers to inject arbitrary web script or HTML via the jusername parameter to event/jsecuritycheck. Fixed in Version 10 Build 10000...
CVE-2014-5103
CVE-2014-5103 affects ZOHO ManageEngine EventLog Analyzer 9 (build 9000). The vulnerability is a cross-site scripting (XSS) flaw where an attacker can inject arbitrary HTML/script via the j_username parameter to event/j_security_check due to insufficient input sanitization. The issue is fixed in ...