CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2019-7425 – Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 XSS
https://notcve.org/view.php?id=CVE-2019-7425
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter. Existe Cross-Site Scripting (XSS) en Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 en la zona de Administrador en el archivo "/netflow/jspui/linkdownalertConfig.jsp" en el parámetro task. Zoho ManageEngine Netflow Analyzer Professional version 7.0.0.2 suffers from multiple cross site scripting vulnerabilities. • http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html http://seclists.org/fulldisclosure/2019/Feb/29 https://www.manageengine.com/products/netflow/?doc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2019-7427 – Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 XSS
https://notcve.org/view.php?id=CVE-2019-7427
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the autorefTime or graphTypes parameter. XSS en Zoho ManageEngine Netflow Analyzer Professional v7.0.0.0.2 en el archivo "/netflow/jspui/linkdownalertConfig.jsp" del parámetro autorefTime o graphTypes. Zoho ManageEngine Netflow Analyzer Professional version 7.0.0.2 suffers from multiple cross site scripting vulnerabilities. • http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html http://seclists.org/fulldisclosure/2019/Feb/29 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2019-7423 – Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 XSS
https://notcve.org/view.php?id=CVE-2019-7423
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/editProfile.jsp" file in the userName parameter. Existe Cross-Site Scripting (XSS) en Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 en la zona de Administrador en el archivo "/netflow/jspui/editProfile.jsp" en el parámetro userName. Zoho ManageEngine Netflow Analyzer Professional version 7.0.0.2 suffers from multiple cross site scripting vulnerabilities. • http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html http://seclists.org/fulldisclosure/2019/Feb/29 https://www.manageengine.com/products/netflow/?doc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2019-7426 – Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 XSS
https://notcve.org/view.php?id=CVE-2019-7426
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the groupDesc, groupName, groupID, or task parameter. XSS en Zoho ManageEngine Netflow Analyzer Professional v7.0.0.0.2 en el archivo "/netflow/jspui/linkdownalertConfig.jsp" del groupDesc, groupName, groupID, o parámetro de tarea. Zoho ManageEngine Netflow Analyzer Professional version 7.0.0.2 suffers from multiple cross site scripting vulnerabilities. • http://packetstormsecurity.com/files/151585/Zoho-ManageEngine-Netflow-Analyzer-Professional-7.0.0.2-XSS.html http://seclists.org/fulldisclosure/2019/Feb/29 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •