Manageengine · Zoho Manageengine Netflow Analyzer · CVE-2005-3522
**Name of the Vulnerable Software and Affected Versions**
ManageEngine Netflow Analyzer version 4.0.2
**Description**
A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the `grDisp` parameter in the index.jsp file.
**Recommendations**
For ManageEngine Netflow Analyzer version 4.0.2, update to a newer version that contains a fix for this issue.