Cross-Site Scripting Vulnerabilities in ManageEngine Firewall Analyzer by Zoho Corporation
CVE-2012-4889

Currently unrated

Key Information:

Vendor: Manageengine
Status: Firewall Analyzer
Vendor: CVE Published:; 10 September 2012

Summary

Multiple vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow attackers to execute arbitrary code by injecting scripts into various parameters such as subTab, tab, url, and port. These vulnerabilities can be exploited through several specific methods, posing a significant risk to users by potentially leaking sensitive information or compromising system integrity.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/74538

vdb-entryx_refsource_XF

http://secunia.com/advisories/48657

third-party-advisoryx_refsource_SECUNIA

http://osvdb.org/80874

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Sep 10, 2012
Vulnerability Reserved
Sep 10, 2012