Vulnerability Details CVE-2019-11676
The user defined DNS name in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to stored XSS attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.032
EPSS Ranking 86.3%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2019-11676
-
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.0
-
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.2
-
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:12.3
-
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:7.2
-
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:7.4
-
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:7.6
-
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:8.0
-
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:8.1
-
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:8.3
-
cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:8.5