Threat Encyclopedia

Security Vulnerability CVE-2010-4841 for EventLog Analyzer


Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine EventLog Analyzer 6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) HOST_ID, (2) OS, (3) GROUP, (4) exportFile, (5) load, (6) type, or (7) tab parameter to, the (8) reported parameter to, the (9) gId parameter to, the (10) newWindow parameter to, or the (11) STATUS parameter to Fixed in Build 9000.

affected-products-logoAffected Products

EventLog Analyzer

CVE References