CVE-2026-3880 | Zoho ManageEngine Exchange Reporter Plus up to 5801 Public Folder Client Permissions Report cross site scripting

Inserito da Angelo Barbosa | Apr 3, 2026 | CVE

A vulnerability was found in Zoho ManageEngine Exchange Reporter Plus up to 5801. It has been classified as problematic. The impacted element is an unknown function of the component Public Folder Client Permissions Report. This manipulation causes cross site scripting.

This vulnerability is tracked as CVE-2026-3880. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-3880 | Zoho ManageEngine Exchange Reporter Plus up to 5801 Public Folder Client Permissions Report cross site scripting

Post correlati

CVE-2024-43331 | VeronaLabs WP SMS Plugin up to 6.9.3 on WordPress authorization

CVE-2024-3127 | GitLab Enterprise Edition up to 17.1.5/17.2.3/17.3.0 IP Restriction access control

CVE-2024-36990 | Splunk Enterprise/Cloud Platform Datamodel Web REST Endpoint infinite loop (SVD-2024-0710)

CVE-2025-48989 | Apache Tomcat up to 8.5.100/9.0.107/10.1.43/11.0.9 HTTP/2 denial of service (EUVD-2025-24559)