Cross-site Scripting Vulnerability in ManageEngine OpUtils by Zoho
CVE-2008-2797

Currently unrated

Key Information:

Vendor: Manageengine
Status: Oputils
Vendor: CVE Published:; 20 June 2008

What is CVE-2008-2797?

A cross-site scripting (XSS) vulnerability exists in the MainLayout.do component of ManageEngine OpUtils 5.0. This flaw allows remote attackers to inject malicious web scripts or HTML content via the hostName parameter while viewing SNMP graphs. By exploiting this vulnerability, attackers may manipulate the display of web pages for end users, potentially leading to data theft or unauthorized actions performed in the context of logged-in users.

References

http://secunia.com/advisories/30745

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/43158

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/29785

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jun 20, 2008
Vulnerability Reserved
Jun 19, 2008

Manageengine

What is CVE-2008-2797?

References

Timeline