← back
CVE-2021-27956

CVE-2021-27956

EPSS 1.6%
Zoho ManageEngine ADSelfService Plus before 6104 allows stored XSS on the /webclient/index.html#/directory-search user search page via the e-mail address field.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://pitstop.manageengine.com/portal/en/community/topic/adselfservice-plus-6104-released-with-an-important-security-fixeshttps://raxis.com/blog/cve-2021-27956-manage-engine-xsshttps://www.manageengine.com