RSS   Vulnerabilities for 'Assetexplorer'   RSS

2012-12-11
 
CVE-2012-5956

 

 
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine AssetExplorer 5.6 before service pack 5614 allow remote attackers to inject arbitrary web script or HTML via fields in XML asset data to discoveryServlet/WsDiscoveryServlet, as demonstrated by the DocRoot/Computer_Information/output element.

 

 >>> Vendor: Manageengine 18 Products
Firewall analyzer
Passwordmanager pro
Opmanager
Opmanager msp
Applications manager
Servicedesk plus
Supportcenter plus
Eventlog analyzer
Oputils
Netflow analyzer
Password manager pro
Password manager pro6.1
Adaudit plus
Admanager plus
Assetexplorer
Device expert
Desktop central
It360


Copyright 2017, cxsecurity.com