CVE-2018-7248
CVE-2018-7248 affects Zoho ManageEngine ServiceDesk Plus 9.3 Build 9317. An unauthenticated request to a specific API endpoint allows verifying a username and returns the user’s logon domain if the account exists, or 'null' if it does not, enabling basic domain-identity enumeration. The available...