Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine AssetExplorer (Linux)ID: oval:org.secpod.oval:def:8320 | Date: (C)2013-01-07 (M)2022-10-10 |
Class: VULNERABILITY | Family: unix |
The host is installed with ManageEngine AssetExplorer 5.6 before service pack 5614 and is prone to multiple cross-site scripting (XSS) vulnerabilities. The flaws are present in the application, which fails in properly parsing scanned xmls. Successful exploitation allows remote attackers to inject arbitrary web script or HTML.
Product: |
ManageEngine AssetExplorer |