Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-5105

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-5105
Last Modified 24 Aug 2012 09:42:34
Published 23 Aug 2012 04:55:02
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-5105

Summary

Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 allow remote attackers to inject arbitrary web script or HTML via the (1) searchType and (2) searchString parameters, a different vulnerability than CVE-2010-3274.

Vulnerable Systems

Application

  • Zohocorp Manageengine Adselfservice Plus 4.5


References

XF - manageengine-adselfservice-xss(71395)

BID - 50717

BUGTRAQ - 20111117 Cross-Site Scripting Vuln in Zoho ManageEngine ADSelfServicePlus

MISC - http://jameswebb.me/vulns/vrpth-2011-001.txt


Last Updated: 27 May 2016 10:58:24