Akihito Mukai

**Name of the Vulnerable Software and Affected Versions** Zoho NetFlow Analyzer versions 10250 and earlier **Description** The issue allows remote attackers to obtain sensitive information, modify passwords, or remove accounts by leveraging the guest role, due to a lack of administrative authorization checks. **Recommendations** For Zoho NetFlow Analyzer versions 10250 and earlier, update to a version later than 10250 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Zoho NetFlow Analyzer versions prior to build 10250 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For versions prior to build 10250, update to a version later than build 10250 to resolve the issue.