CVE-2009-4387

Currently unrated 🤨

Key Information

Vendor: Manageengine
Status: Password Manager Pro; Password Manager Pro6.1
Vendor: CVE Published:; 22 December 2009

Summary

The cross-site scripting (XSS) protection mechanism in ShowInContentAreaAction.do in ManageEngine Password Manager Pro (PMP) before 6.1 Build 6104 uses case-sensitive checks for malicious inputs, which allows remote attackers to inject arbitrary web script or HTML via the searchtext parameter and other unspecified inputs.

Timeline

Vulnerability Reserved.
Oct 3, 2022
Vulnerability published.
Dec 22, 2009

Collectors

NVD DatabaseMitre Database