ZOHO ManageEngine Cloud Security Plus is a log management and monitoring tool for the public cloud platform from ZOHO, Inc. A code injection vulnerability exists in ZOHO ManageEngine Cloud Security Plus, which originates from Zoho ManageEngine Cloud Security Plus before Build 4117, which can be exploited by attackers to conduct CSRF attacks on server proxy settings.