2 matches found
CVE-2012-4891
The CVE-2012-4891 entry describes a Cross-site scripting (XSS) vulnerability in ManageEngine Firewall Analyzer 7.2, impacting the fw/index2.do endpoint via the url parameter. This is a distinct vector from CVE-2012-4889. The NVD notes a MEDIUM severity with a CVSS v2 base score of 4.3 (NETWORK, l...
ManageEngine Firewall Analyzer 7.2 - '/fw/index2.do' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/52841/info Firewall Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...