| Vulnerability Details | |
|---|---|
| Impact | CVSS V3 rating: 10 (Critical) |
| Reported | 18 Mar 2019 |
| Fixed | 21 Mar 2019 |
| Affected Builds | Till Build 123322 |
| Fixed in | Build 123323 |
| Overview | Vulnerability in Cross Site Scripting |
| Recommended Fix | Upgrade to NetFlow Analyzer Version 12.3.323 or above. |
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/addMailSettings.jsp" file in the gF parameter.
We recommend that you upgrade to NetFlow Analyzer version 12.3.323 and above to fix this issue.
Source and Acknowledgements
Find out more about CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426 and CVE-2019-74273 from the CVE dictionary.
For clarification or corrections please contact our support team or email us at netflowanalyzer-support@manageengine.com