CVE-2010-5050

Name of the Vulnerable Software and Affected Versions ManageEngine ADManager Plus version 4.4.0

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the computerName parameter in the "jsp/admin/tools/remote share.jsp" endpoint.

Recommendations For ManageEngine ADManager Plus version 4.4.0, avoid using the computerName parameter in the vulnerable endpoint until the issue is resolved. Consider restricting access to the "jsp/admin/tools/remote share.jsp" endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.