Zohocorp: >> Manageengine Password Manager Pro >> 9.5 Security Vulnerabilities
In Zoho ManageEngine Password Manager Pro before 11.1 build 11104, attackers are able to retrieve credentials via a browser extension for non-website resource types.
CVSS Score
5.9
EPSS Score
0.009
Published
2021-06-16
Zoho ManageEngine Password Manager Pro 10.4 and prior has no protection against Cross-site Request Forgery (CSRF) attacks, as demonstrated by changing a user's role.
CVSS Score
8.8
EPSS Score
0.005
Published
2020-03-16
Page 2