CVE-2022-24681

CVE-2022-24681

EPSS 3.6%

Zoho ManageEngine ADSelfService Plus before 6121 allows XSS via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password screen.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://manageengine.com https://raxis.com/blog/cve-2022-24681 https://www.manageengine.com/products/self-service-password/kb/CVE-2022-24681.html