Lucene search
HistoryAug 23, 2012 - 8:55 p.m.
CVE-2011-5105
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.871
Percentile
98.7%
Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 allow remote attackers to inject arbitrary web script or HTML via the (1) searchType and (2) searchString parameters, a different vulnerability than CVE-2010-3274.
Affected configurations
Node
zohocorpmanageengine_adselfservice_plusMatch4.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zohocorp | manageengine_adselfservice_plus | 4.5 | cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2012-08-23 20:55:00
Cross site scripting
2011-02-17 18:00:00
nessus
nessus
ManageEngine ADSelfService EmployeeSearch.cc Multiple XSS
2011-12-08 00:00:00
cvelist
cvelist
CVE-2011-5105
2012-08-23 20:00:00
CVE-2010-3274
2011-02-17 17:00:00
cve
cve
CVE-2011-5105
2012-08-23 20:55:02
CVE-2010-3274
2011-02-17 18:00:03
exploitdb
exploitdb
nvd
nvd
CVE-2010-3274
2011-02-17 18:00:03
openvas
openvas
securityvulns
securityvulns
packetstorm
packetstorm
Core Security Technologies Advisory 2011.0103
2011-02-10 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.871
Percentile
98.7%
Related for NVD:CVE-2011-5105