Cross-site scripting (XSS) vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 prior to 12.3.125 (build 123125) allows remote malicious users to inject arbitrary web script or HTML via a crafted description value. This can be exploited through CSRF.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zohocorp manageengine netflow analyzer |