4 matches found
CVE-2023-35786
Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view files...
ManageEngine ADManager Plus < Build 7183 XXE
Zoho ManageEngine ADManager Plus before version 7.1 Build 7183 allows authenticated administrators to perform XML external entity injection XXE attacks and view files in servers. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
CVE-2023-35786
Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view files...
CVE-2023-35786
CVE-2023-35786 affects Zoho ManageEngine ADManager Plus; before build 7183, authenticated administrators can trigger an XML External Entity (XXE) injection to view server files. The issue is constrained to versions prior to 7183, with the vulnerability arising from XXE in the application’s handli...