2 matches found
CVE-2018-5353
The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. It does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a...
CVE-2018-5353
The vulnerability CVE-2018-5353 affects Zoho ManageEngine ADSelfService Plus before 5.5 build 5517, due to a custom GINA/CP module that does not authenticate the intended server before opening a browser window. An unauthenticated attacker can perform a spoofing attack to redirect the browser and ...