CVE-2019-7427

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the autorefTime or graphTypes parameter.
Configurations

Configuration 1 (hide)

cpe:2.3:a:zohocorp:manageengine_netflow_analyzer:7.0.0.2:*:*:*:professional:*:*:*

History

21 Nov 2024, 04:48

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html - Exploit, VDB Entry, Third Party Advisory () http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html - Exploit, Third Party Advisory, VDB Entry
References () http://seclists.org/fulldisclosure/2019/Feb/29 - Mailing List, Exploit, Third Party Advisory () http://seclists.org/fulldisclosure/2019/Feb/29 - Exploit, Mailing List, Third Party Advisory

Information

Published : 2019-05-07 19:29

Updated : 2024-11-21 04:48


NVD link : CVE-2019-7427

Mitre link : CVE-2019-7427

CVE.ORG link : CVE-2019-7427


JSON object : View

Products Affected

zohocorp

  • manageengine_netflow_analyzer
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')