CVE-2026-28703 | Zoho ManageEngine Exchange Reporter Plus up to 5801 Mails Exchanged Between Users Report cross site scripting

Inserito da Angelo Barbosa | Apr 3, 2026 | CVE

A vulnerability has been found in Zoho ManageEngine Exchange Reporter Plus up to 5801 and classified as problematic. Impacted is an unknown function of the component Mails Exchanged Between Users Report. The manipulation leads to cross site scripting.

This vulnerability is referenced as CVE-2026-28703. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.

CVE-2026-28703 | Zoho ManageEngine Exchange Reporter Plus up to 5801 Mails Exchanged Between Users Report cross site scripting

Post correlati

CVE-2024-22460 | Dell PowerProtect Data Manager DM5500 Appliance up to 5.15 deserialization (dsa-2024-083)

CVE-2024-43202 | Apache DolphinScheduler up to 3.2.1 Privilege Escalation

CVE-2026-1590 | itsourcecode School Management System 1.0 index.php ID sql injection

CVE-2024-47159 | JetBrains YouTrack up to 2024.2.34646 Workflow authorization