Vulnerabilities > Zohocorp > Manageengine Log360 > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-29 | CVE-2021-40172 | Cross-Site Request Forgery (CSRF) vulnerability in Zohocorp Manageengine Log360 5.0/5.1/5.2 Zoho ManageEngine Log360 before Build 5219 allows a CSRF attack on proxy settings. | 6.8 |
2021-08-29 | CVE-2021-40174 | Cross-Site Request Forgery (CSRF) vulnerability in Zohocorp Manageengine Log360 5.0/5.1/5.2 Zoho ManageEngine Log360 before Build 5224 allows a CSRF attack for disabling the logon security settings. | 6.8 |
2021-08-29 | CVE-2021-40176 | Cross-site Scripting vulnerability in Zohocorp Manageengine Log360 5.0/5.1/5.2 Zoho ManageEngine Log360 before Build 5225 allows stored XSS. | 4.3 |
2021-08-29 | CVE-2021-40178 | Cross-site Scripting vulnerability in Zohocorp Manageengine Log360 5.0/5.1/5.2 Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGO_PATH key value in the logon settings. | 4.3 |