Cross-Site Scripting Vulnerabilities in ManageEngine ADManager Plus by Zoho Corporation
CVE-2012-1049
Currently unrated
What is CVE-2012-1049?
ManageEngine ADManager Plus 5.2 Build 5210 contains multiple vulnerabilities that allow attackers to perform cross-site scripting (XSS). By exploiting these weaknesses, malicious users can inject arbitrary web scripts or HTML through specific parameters in the application's functionalities, such as 'domainName' in the jsp/AddDC.jsp page and 'operation' in the DomainConfig.do endpoint. This can lead to unauthorized actions and data exposure, emphasizing the importance of robust input validation in web applications.