Vulnerability Details CVE-2018-8721
Zoho ManageEngine EventLog Analyzer version 11.0 build 11000 has Stored XSS related to the index2.do?url=editAlertForm&tab=alert&alert=profile URI and the Edit Alert Profile screen
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 79.7%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/103424
- https://pitstop.manageengine.com/portal/community/topic/manageengine-eventlog-analyzer-11-0-build-11000-stored-cross-site-scripting-attack
- http://www.securityfocus.com/bid/103424
- https://pitstop.manageengine.com/portal/community/topic/manageengine-eventlog-analyzer-11-0-build-11000-stored-cross-site-scripting-attack
Products affected by CVE-2018-8721
-
cpe:2.3:a:zohocorp:manageengine_eventlog_analyzer:11.0