CVE-2021-28382
Zoho ManageEngine Key Manager Plus (before 6001) exposes a Stored XSS vulnerability on the user-management page when importing malicious user details from Active Directory. Affects the product in versions prior to 6001. Remediation: upgrade to version 6001 or later per release notes.