Medium severity6.1NVD Advisory· Published May 20, 2021· Updated Jun 17, 2026
CVE-2021-27956
CVE-2021-27956
Description
Zoho ManageEngine ADSelfService Plus before 6104 allows stored XSS on the /webclient/index.html#/directory-search user search page via the e-mail address field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Zoho ManageEngine/ADSelfService Plusdescription
- Range: <6104
- Range: <6104
Patches
Vulnerability mechanics
References
3- raxis.com/blog/cve-2021-27956-manage-engine-xssnvdExploitThird Party Advisory
- pitstop.manageengine.com/portal/en/community/topic/adselfservice-plus-6104-released-with-an-important-security-fixesnvdVendor Advisory
- www.manageengine.comnvdVendor Advisory
News mentions
0No linked articles in our index yet.