Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 before 12.3.125 (build 123125) allows remote attackers to inject arbitrary web script or HTML via a crafted description value. This can be exploited through CSRF.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ZOHO ManageEngine NetFlow Analyzer 跨站脚本漏洞
Vulnerability Description
ZOHO ManageEngine Netflow Analyzer是美国卓豪(ZOHO)公司的一套基于Web的带宽监控工具。 ZOHO ManageEngine NetFlow Analyzer 12.3.125(build 123125)之前的12.3版本中的添加凭证功能存在跨站脚本漏洞。远程攻击者可借助特制的description值利用该漏洞注入任意的Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A