Vulnerability Details | |
---|---|
Impact | CVSS V3 rating: 10 (Critical) |
Reported | 18 Mar 2019 |
Fixed | 21 Mar 2019 |
Affected Builds | Till Build 123322 |
Fixed in | Build 123323 |
Overview | Vulnerability in Cross Site Scripting |
Recommended Fix | Upgrade to NetFlow Analyzer Version 12.3.323 or above. |
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/addMailSettings.jsp" file in the gF parameter.
We recommend that you upgrade to NetFlow Analyzer version 12.3.323 and above to fix this issue.
Source and Acknowledgements
Find out more about CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426 and CVE-2019-74273 from the CVE dictionary.
For clarification or corrections please contact our support team or email us at netflowanalyzer-support@manageengine.com