CVE-2026-4107
CVE-2026-4107
7.3
HighPublished:
Last updated:
Source:0fc0942c-577d-436f-ae8e-945763c79b02
Analyzed
Weakness (CWE)
CVSS Vector
v3.1- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- Low
- User Interaction
- Required
- Scope
- Unchanged
- Confidentiality
- High
- Integrity
- High
- Availability
- None
Description
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Folder Message Count and Size report.
References
0fc0942c-577d-436f-ae8e-945763c79b02
https://www.manageengine.com/products/exchange-reports/advisory/CVE-2026-4107.html