1 results (0.002 seconds)
CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 1
CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 1CVE-2009-4387
https://notcve.org/view.php?id=CVE-2009-4387
22 Dec 2009 — The cross-site scripting (XSS) protection mechanism in ShowInContentAreaAction.do in ManageEngine Password Manager Pro (PMP) before 6.1 Build 6104 uses case-sensitive checks for malicious inputs, which allows remote attackers to inject arbitrary web script or HTML via the searchtext parameter and other unspecified inputs. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en ShowInContentAreaAction.do en ManageEngine Password Manager Pro (PMP) en versiónes anteriores a v6.1 Build 6104 utiliza... • http://forums.manageengine.com/#Topic/49000003740390 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •