CVE-2009-4387

NONECVSS 0.0

0.0

The cross-site scripting (XSS) protection mechanism in ShowInContentAreaAction.do in ManageEngine Password Manager Pro (PMP) before 6.1 Build 6104 uses case-sensitive checks for malicious inputs, which allows remote attackers to inject arbitrary web script or HTML via the searchtext parameter and other unspecified inputs.

🔗 References (14)

cve@mitrehttp://forums.manageengine.com/#Topic/49000003740390
cve@mitrehttp://secunia.com/advisories/37765
cve@mitrehttp://www.manageengine.com/products/passwordmanagerpro/release-notes.html
cve@mitrehttp://www.scip.ch/?vuldb.4063
cve@mitrehttp://www.scip.ch/publikationen/advisories/scip_advisory-4063_manageengine_pmp_script_injection.txt
cve@mitrehttp://www.securityfocus.com/bid/37336
cve@mitrehttp://www.vupen.com/english/advisories/2009/3540
af854a3a-2127-422b-91ae-364da2661108http://forums.manageengine.com/#Topic/49000003740390
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37765
af854a3a-2127-422b-91ae-364da2661108http://www.manageengine.com/products/passwordmanagerpro/release-notes.html
af854a3a-2127-422b-91ae-364da2661108http://www.scip.ch/?vuldb.4063
af854a3a-2127-422b-91ae-364da2661108http://www.scip.ch/publikationen/advisories/scip_advisory-4063_manageengine_pmp_script_injection.txt
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/37336
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/3540

Is Your Infrastructure Affected by CVE-2009-4387?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-4387

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-4387?