CVE-2026-3880

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Public Folder Client Permissions report...

CVE-2026-3880

ManageEngine Exchange Reporter Plus (Zohocorp) versions before 5802 are vulnerable to a Stored XSS flaw in the Public Folder Client Permissions report. The issue allows injected script via the affected report, with CVSSv3.1 metrics indicating a HIGH base score (7.3), remote attack vector, low att...

CVE-2026-3880 Stored XSS Vulnerability

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Public Folder Client Permissions report...