CVE-2021-41288

CVE-2021-41288 affects Zoho ManageEngine OpManager (version 125466 and earlier). A SQL injection vulnerability exists in the getReportData API due to insufficient validation of HTTP request parameters, enabling an attacker to manipulate/compromise the application database. NVD lists CVSS vectors:...