2 matches found
Multiple Cross-Site Scripting Vulnerabilities in SupportCenter Plus
SupportCenter Plus is a web-based customer support software. Multiple cross-site scripting vulnerabilities exist in SupportCenter Plus. Because input passed to the "/HomePage.do" script via the "fromCustomer" HTTP GET parameter, the "username" and "password" HTTP POST parameters are not properly...
ManageEngine SupportCenter Plus HomePage.do fromCustomer Parameter XSS
The version of ManageEngine SupportCenter Plus installed on the remote host is affected by a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input to the 'fromCustomer' parameter of the 'HomePage.do' script. An attacker may be able to leverage this to inject...