NVD

Id
14687  
Name
CVE-2010-3274  
Description
Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in the Employee Search Engine in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allow remote attackers to inject arbitrary web script or HTML via the searchString parameter in a (1) showList or (2) Search action.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-18  
Published
2011-02-17  
Modified Date
2011-09-21  
Seq
2010-3274  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
81328 14687 CVE-2010-3274 8089  View
81329 14687 CVE-2010-3274 http://www.coresecurity.com/content/zoho-manageengine-vulnerabilities  View
81330 14687 CVE-2010-3274 20110210 CORE-2011-0103 - ZOHO ManageEngine ADSelfService multiple vulnerabilities  View
81331 14687 CVE-2010-3274 46331  View
81332 14687 CVE-2010-3274 ADV-2011-0392  View
81333 14687 CVE-2010-3274 adselfservice-employeesearch-xss(65349)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
33626 JVNDB-2011-003868 ZOHO ManageEngine ADSelfService Plus の Employee Search Engine におけるクロスサイトスクリプティングの脆弱性 ZOHO ManageEngine ADSelfService Plus の Employee Search Engine の EmployeeSearch.cc には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2010-3274 45854 CVE-2010-3274 14687 4.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003868.html 2011-02-17 2012-03-27 View