CVE-2026-27655 | Zoho ManageEngine Exchange Reporter Plus up to 5801 Permissions Based on Mailboxes Report cross site scripting

Inserito da Angelo Barbosa | Apr 3, 2026 | CVE

A vulnerability was found in Zoho ManageEngine Exchange Reporter Plus up to 5801. It has been rated as problematic. This impacts an unknown function of the component Permissions Based on Mailboxes Report. Performing a manipulation results in cross site scripting.

This vulnerability is cataloged as CVE-2026-27655. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2026-27655 | Zoho ManageEngine Exchange Reporter Plus up to 5801 Permissions Based on Mailboxes Report cross site scripting

Post correlati

CVE-2025-6292 | D-Link DIR-825 2.03 HTTP POST Request sub_4091AC stack-based overflow

CVE-2024-4088 | shafayat-alam Gutenberg Blocks and Page Layouts Plugin up to 1.9.2 on WordPress disable_fe_assets cross-site request forgery

CVE-2024-5030 | CM Table of Contents Plugin up to 1.2.2 on WordPress Setting cross-site request forgery

CVE-2026-33719 | WWBN AVideo up to 26.0 CDN Plugin Endpoint status.json.php par missing authentication