HIGHCVE-2026-4108Published Modified CNA Zohocorp
CVE-2026-4108: Stored XSS Vulnerability
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Non-Owner Mailbox Permission report.
Metrics
- CVSS v3.1
- 7.3
- Severity
- HIGH
- Fixed in
- 5802
- Affected Products
- 1
Fix available
5802
Affected packages
- Zohocorp / ManageEngine Exchange Reporter Plus< 5802 (from 0)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:NReferences