Lucene search
China National Vulnerability DatabaseCNVD-2021-67511HistoryAug 31, 2021 - 12:00 a.m.
ZOHO ManageEngine Log360 Cross-Site Scripting Vulnerability (CNVD-2021-67511)
2021-08-3100:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
log360
cross-site scripting
zoho usa
security threats
active directory
auditing
regulatory requirements
vulnerability
logo_path
client-side data
attack
EPSS
0.001
Percentile
49.6%
ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.A cross-site scripting vulnerability exists in ZOHO ManageEngine Log360, which stems from the failure of the LOGO_PATH field on the product settings page to verify validity of client-side data. An attacker could execute client-side code through this vulnerability.
Related
nvd
nvd
CVE-2021-40178
2021-08-29 20:15:07
cvelist
cvelist
CVE-2021-40178
2021-08-29 19:17:14
prion
prion
Cross site scripting
2021-08-29 20:15:00
cve
cve
CVE-2021-40178
2021-08-29 20:15:07