PT-2018-18054 · Zoho · Zoho Manageengine Eventlog Analyzer

Suresh Khutale

·

Publicado

2018-03-13

·

Atualizado

2018-04-09

·

CVE-2018-7405

CVSS v3.1

6.1

Média

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Zoho ManageEngine EventLog Analyzer versions prior to 11.12 Build 11120
Description The issue allows remote attackers to inject arbitrary web script or HTML, which can lead to cross-site scripting (XSS) attacks.
Recommendations For versions prior to 11.12 Build 11120, update to version 11.12 Build 11120 or later to resolve the issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2018-7405

Produtos afetados

Zoho Manageengine Eventlog Analyzer