Vulnerabilities

CVE-2009-4387

by Fred · 22/12/2009

The cross-site scripting (XSS) protection mechanism in ShowInContentAreaAction.do in ManageEngine Password Manager Pro (PMP) before 6.1 Build 6104 uses case-sensitive checks for malicious inputs, which allows remote attackers to inject arbitrary web script or HTML via the searchtext parameter and other unspecified inputs.

Date published : 2009-12-22

http://www.securityfocus.com/bid/37336

http://forums.manageengine.com/#Topic/49000003740390

Similar

Tags: Cybersecurity Alert