Zohocorp: >> Manageengine Adselfservice Plus >> 6.5 Security Vulnerabilities
Zohocorp ManageEngine ADSelfService Plus versions before 6519 are vulnerable to Authentication Bypass due to improper filter configurations.
CVSS Score
9.1
EPSS Score
0.001
Published
2026-01-13
Zohocorp ManageEngineĀ ADSelfService Plus versionsĀ 6513 and prior are vulnerable to authenticated SQL injection in the MFA reports.
CVSS Score
8.1
EPSS Score
0.018
Published
2025-05-14
Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are vulnerable to account takeover due to theĀ session mishandling. Valid account holders in the setup only have the potential to exploit this bug.
CVSS Score
8.1
EPSS Score
0.001
Published
2025-03-03