CVE-2026-4108 | Zoho ManageEngine Exchange Reporter Plus up to 5801 Non-Owner Mailbox Permission Report cross site scripting

Inserito da Angelo Barbosa | Apr 3, 2026 | CVE

A vulnerability, which was classified as problematic, was found in Zoho ManageEngine Exchange Reporter Plus up to 5801. This issue affects some unknown processing of the component Non-Owner Mailbox Permission Report. Executing a manipulation can lead to cross site scripting.

The identification of this vulnerability is CVE-2026-4108. The attack may be launched remotely. There is no exploit available.

You should upgrade the affected component.

CVE-2026-4108 | Zoho ManageEngine Exchange Reporter Plus up to 5801 Non-Owner Mailbox Permission Report cross site scripting

Post correlati

CVE-2024-24935 | WpSimpleTools Basic Log Viewer Plugin up to 1.0.4 on WordPress cross-site request forgery

CVE-2025-71245 | SPIP up to 4.4.7 IFRAME cross site scripting

CVE-2024-2287 | Knight Lab Timeline Plugin up to 3.9.3.3 on WordPress Shortcode cross site scripting

CVE-2025-0568 | Sante PACS Server 3.0.4/3.3.7 DCM File Parser denial of service