Home
HIGH: 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:NDefault status
unaffected
Any version before 5802
affected
Description
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailboxes report.
Problem types
CWE-79 Improper neutralization of input during web page generation ('cross-site scripting')
Product status
Any version before 5802
References
www.manageengine.com/...reports/advisory/CVE-2026-27655.html