CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-5105

Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 allow remote attackers to inject arbitrary web script or HTML via the (1) searchType and (2) searchString parameters, a different vulnerability than CVE-2010-3274.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.9%

CVSS Severity

CVSS v2 Score 4.3

References

http://jameswebb.me/vulns/vrpth-2011-001.txt
http://www.securityfocus.com/archive/1/520562/100/0/threaded
http://www.securityfocus.com/bid/50717
https://exchange.xforce.ibmcloud.com/vulnerabilities/71395
http://jameswebb.me/vulns/vrpth-2011-001.txt
http://www.securityfocus.com/archive/1/520562/100/0/threaded
http://www.securityfocus.com/bid/50717
https://exchange.xforce.ibmcloud.com/vulnerabilities/71395

Products affected by CVE-2011-5105

Zohocorp » Manageengine Adselfservice Plus » Version: 4.5

cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-5105

Products

Pricing

Contact Us