CVEDB API

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions based on Distribution Groups report.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.6%

CVSS Severity

CVSS v3 Score 7.3

References

Products affected by CVE-2026-28756

Zohocorp » Manageengine Exchange Reporter Plus » Version: N/A

cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:-
Zohocorp » Manageengine Exchange Reporter Plus » Version: 5.4

cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.4
Zohocorp » Manageengine Exchange Reporter Plus » Version: 5.5

cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.5
Zohocorp » Manageengine Exchange Reporter Plus » Version: 5.6

cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.6
Zohocorp » Manageengine Exchange Reporter Plus » Version: 5.7

cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7
Zohocorp » Manageengine Exchange Reporter Plus » Version: 5.8

cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.8