Security Updates - CVE Database
Home » Security Updates ยป CVE-2018-12998

CVE-2018-12998

A reflected Cross-site scripting (XSS) vulnerability

 

Vulnerability Details
Impact CVSS V3 rating: 6.1 (Medium)
Reported 29 Jun 2018
Fixed 29 Nov 2018
Affected Builds Till Build 123147
Fixed in Build 123169
Overview A reflected Cross-site scripting (XSS) vulnerability
Recommended Fix Upgrade to Firewall Analyzer Version 12.3.231 or above.

 

Description

A reflected Cross-site scripting (XSS) vulnerability in Firewall Analyzer before build 123147 allows remote attackers to inject arbitrary web script or HTML via the parameter 'operation' to
/servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.

We recommend that you upgrade to Firewall Analyzer version 12.3.231 and above to fix this issue.

Source and Acknowledgements

Find out more about CVE-2018-12998 from the CVE dictionary.

Need Help?

For clarification or corrections please contact our support team or email us at fwanalyzer-support@manageengine.com

A single platter for comprehensive Network Security Device Management
Quick LinksNetwork Bandwidth ReportsNetwork Security & Device MgmtLog ManagementCompliance & MSSP Features