2 matches found
CVE-2020-13154
Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-privilege authenticated users to discover the File Protection password via a getFileProtectionSettings call to AjaxServlet...
CVE-2020-13154
Zoho ManageEngine Service Plus (on-premises) before 11.1 build 11112 is affected. Affected component: getFileProtectionSettings in AjaxServlet allows low-privilege authenticated users to disclose the File Protection password. Root cause details are not expanded beyond the information Disclosure d...