CVE-2022-24681

CVE-2022-24681

EPSS 3.6%

Zoho ManageEngine ADSelfService Plus before 6121 allows XSS via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password screen.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://manageengine.com https://raxis.com/blog/cve-2022-24681 https://www.manageengine.com/products/self-service-password/kb/CVE-2022-24681.html