Zoho ManageEngine ADSelfService Plus before 6202 allows attackers to perform username enumeration via a crafted POST request to /ServletAPI/accounts/login.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-05-20T02:10:39

Updated: 2024-08-03T06:10:58.952Z

Reserved: 2022-04-11T00:00:00

Link: CVE-2022-28987

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-05-20T03:15:07.203

Modified: 2024-11-21T06:58:17.790

Link: CVE-2022-28987

cve-icon Redhat

No data.