CVE-2023-35719
CVE-2023-35719 affects ManageEngine ADSelfService Plus GINA Client. The flaw exists in the Password Reset Portal and stems from insufficient authentication of data received over HTTP, allowing physically present attackers to bypass authentication and execute arbitrary code in the SYSTEM context. ...