HIGHCVE-2026-1367Published Modified CNA Zohocorp
CVE-2026-1367: SQL Injection
Zohocorp ManageEngine ADSelfService Plus versions 6522 and below are vulnerable to authenticated SQL Injection in the search report option.
Metrics
- CVSS v3.1
- 8.3
- Severity
- HIGH
- Fixed in
- 6523
- Affected Products
- 1
Fix available
6523
Affected packages
- Zohocorp / ManageEngine ADSelfService Plus< 6523 (from 0)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:LReferences