Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in the Employee Search Engine in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allow remote attackers to inject arbitrary web script or HTML via the searchString parameter in a (1) showList or (2) Search action.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-02-17T17:00:00

Updated: 2024-08-07T03:03:18.637Z

Reserved: 2010-09-09T00:00:00

Link: CVE-2010-3274

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2011-02-17T18:00:03.073

Modified: 2024-11-21T01:18:25.000

Link: CVE-2010-3274

cve-icon Redhat

No data.