2 matches found
CVE-2008-1538
The CVE-2008-1538 entry describes a Cross-site scripting (XSS) vulnerability in ManageEngine EventLog Analyzer 5, exploitable through the searchAction.do endpoint via the searchText parameter. The root cause is inadequate sanitization/validation of user-supplied searchText, allowing remote attack...
CVE-2008-1538
Cross-site scripting XSS vulnerability in searchAction.do in ManageEngine EventLog Analyzer 5 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...