Cross-Site Scripting Vulnerabilities in ManageEngine Applications Manager
CVE-2008-0474

Currently unrated

Key Information:

Vendor

Manageengine
Status
Applications Manager
Vendor
CVE Published:
29 January 2008

What is CVE-2008-0474?

Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Applications Manager version 8.1 build 8100 enable remote attackers to execute arbitrary web scripts or HTML. These vulnerabilities occur via several parameters, including showlink in jsp/DiscoveryProfiles.jsp, and multiple parameters in jsp/ThresholdActionConfiguration.jsp and jsp/UpdateGlobalSettings.jsp, among others. This allows attackers to compromise the application’s functionality and potentially gain access to sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/27443
vdb-entryx_refsource_BID
http://secunia.com/advisories/28332
third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/39914
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.