CVE-2018-10803

Cross-site scripting (XSS) vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 before 12.3.125 (build 123125) allows remote attackers to inject arbitrary web script or HTML via a crafted description value. This can be exploited through CSRF.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:*:5610:*:*:*:*:*:*

Information

Published : 2018-05-10 07:29

Updated : 2020-08-24 10:37


NVD link : CVE-2018-10803

Mitre link : CVE-2018-10803


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

zohocorp

  • manageengine_netflow_analyzer