Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5891

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-5891
Last Modified 15 Nov 2008 02:02:31
Published 07 Nov 2007 09:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5891

Summary

Multiple cross-site scripting (XSS) vulnerabilities in jsp/Login.do in ManageEngine OpManager MSP Edition and OpManager 7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) requestid, (2) fileid, (3) woMode, and (2) woID parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Systems

Application

  • Manageengine Opmanager 7.0

  • Manageengine Opmanager Msp


References

BID - 26368

SECUNIA - 27456

OSVDB - 38437

XF - manageengine-opmanager-login-xss(38314)


Last Updated: 27 May 2016 10:46:18