Cross-site scripting (XSS) vulnerability

It has been publicly announced in US-CERT that there is an exploit in ADSSP. Has this been resolved in 5203?

Overview

Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine ADSelfService Plus before 5.2 Build 5202 allows remote attackers to inject arbitrary web script or HTML via the name parameter to GroupSubscription.do.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3779

Please advise.

New to M365 Manager Plus?

Start your free trial

Resources

New to M365 Manager Plus?

Start your free trial

Resources

New to RecoveryManager Plus?

Start your free trial

Resources

New to RecoveryManager Plus?

Start your free trial

Resources

New to Exchange Reporter Plus?

Start your free trial

Resources

New to Exchange Reporter Plus?

Start your free trial

Resources

New to SharePoint Manager Plus?

Start your free trial

Resources

New to SharePoint Manager Plus?

Start your free trial

Resources

See all integrations

New to ADManager Plus?

Start your free trial

Resources

New to ADSelfService Plus?

Start your free trial

Resources

Cross-site scripting (XSS) vulnerability

Cross-site scripting (XSS) vulnerability

Overview

Topic Participants

stoneaj

Kip Sanborn

Raghuraman B

Brian Richardson

New to ADSelfService Plus?

Related Products