|Impact||CVSS V3 rating: 10 (Critical)|
|Reported||18 Mar 2019|
|Fixed||21 Mar 2019|
|Affected Builds||Till Build 123322|
|Fixed in||Build 123323|
|Overview||Vulnerability in Cross Site Scripting|
|Recommended Fix||Upgrade to NetFlow Analyzer Version 12.3.323 or above.|
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v18.104.22.168 in the Administration zone "/netflow/jspui/addMailSettings.jsp" file in the gF parameter.
We recommend that you upgrade to NetFlow Analyzer version 12.3.323 and above to fix this issue.
Source and Acknowledgements
Find out more about CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426 and CVE-2019-74273 from the CVE dictionary.