ManageEngine EventLog Analyzer 11.0 Build 11000- Stored Cross Site Scripting Attack

ManageEngine EventLog Analyzer 11.0 Build 11000- Stored Cross Site Scripting Attack

Information
---------------------------------------------------------------------------------------------------------------------------------

Vulnerability Type : Stored Cross Site Scripting Vulnerability
Vulnerable Version : 11.0 Build 11000
CVE-ID : 
Severity : High
Author – Omkar Joshi

Description 
---------------------------------------------------------------------------------------------------------------------------------

EventLog Analyzer provides the most cost-effective Security Information and Event Management (SIEM) software on the market. Using this Log Analyzer software, organizations can automate the entire process of managing terabytes of machine generated logs by collecting, analyzing, correlating, searching, reporting, and archiving from one central location. This event log analyzer software helps to monitor file integrity, conduct log forensics analysis, monitor privileged users and comply to different compliance regulatory bodies by intelligently analyzing your logs and instantly generating a variety of reports like user activity reports, historical trend reports, and more.

Proof of Concept URL 
-----------------------------------------------------------------------------------------------------------------------------------

http://localhost:8400/event/index2.do?url=editAlertForm&tab=alert&NOTIFID=52&ALERT_NAME=Test&alert=profile

Affected Product:
-------------------------------------------------------------------------------------------------------------------------------------

Vulnerable Product:
                                [+]  ManageEngine EventLog Analyzer 11.0 Build 11000

Credits & Authors
-------------------------------------------------------------------------------------------------------------------------------------

Omkar Joshi


Thanks & Regards,
Omkar Joshi
(+91)8087226463

                New to ADSelfService Plus?