Manageengine Exchange Reporter Plus
by Zohocorp
CVEs (24)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-27655 | Hig | 0.47 | 7.3 | 0.01 | Apr 3, 2026 | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailboxes report. | ||
| CVE-2026-4108 | Hig | 0.47 | 7.3 | 0.01 | Apr 3, 2026 | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Non-Owner Mailbox Permission report. | ||
| CVE-2026-4107 | Hig | 0.47 | 7.3 | 0.01 | Apr 3, 2026 | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Folder Message Count and Size report. | ||
| CVE-2026-3880 | Hig | 0.47 | 7.3 | 0.01 | Apr 3, 2026 | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Public Folder Client Permissions report. | ||
| CVE-2026-3879 | Hig | 0.47 | 7.3 | 0.01 | Apr 3, 2026 | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Equipment Mailbox Details report. | ||
| CVE-2026-28703 | Hig | 0.47 | 7.3 | 0.01 | Apr 3, 2026 | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Mails Exchanged Between Users report. | ||
| CVE-2026-28756 | Hig | 0.47 | 7.3 | 0.01 | Apr 3, 2026 | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions based on Distribution Groups report. | ||
| CVE-2026-28754 | Hig | 0.47 | 7.3 | 0.01 | Apr 3, 2026 | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Distribution Lists report. | ||
| CVE-2025-5966 | 0.01 | — | 0.01 | Jun 26, 2025 | Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report. | |||
| CVE-2025-5366 | 0.01 | — | 0.01 | Jun 26, 2025 | Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Folder-wise read mails with subject report. | |||
| CVE-2025-7633 | 0.00 | — | 0.00 | Nov 11, 2025 | Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Custom report. | |||
| CVE-2025-7632 | 0.00 | — | 0.00 | Nov 11, 2025 | Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Public Folders report. | |||
| CVE-2025-7430 | 0.00 | — | 0.00 | Nov 11, 2025 | Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report. | |||
| CVE-2025-7429 | 0.00 | — | 0.00 | Nov 11, 2025 | Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Mails Deleted or Moved report. | |||
| CVE-2025-5347 | 0.00 | — | 0.00 | Oct 30, 2025 | Zohocorp ManageEngine Exchange Reporter Plus versions before 5723 are vulnerable to Stored Cross Site Scripting in the reports module. | |||
| CVE-2025-5343 | 0.00 | — | 0.00 | Oct 30, 2025 | Zohocorp ManageEngine Exchange Reporter Plus versions through 5721 are vulnerable to Stored Cross Site Scripting in the Instant Search option. | |||
| CVE-2025-5342 | 0.00 | — | 0.01 | Oct 30, 2025 | Zohocorp ManageEngine Exchange Reporter Plus through 5721 are vulnerable to ReDOS vulnerability in the search module. | |||
| CVE-2025-3835 | 0.00 | — | 0.02 | Jun 9, 2025 | Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote code execution in the Content Search module. | |||
| CVE-2024-9459 | 0.00 | — | 0.02 | Nov 5, 2024 | Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module. | |||
| CVE-2024-6204 | 0.00 | — | 0.02 | Aug 30, 2024 | Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module. |
- risk 0.47cvss 7.3epss 0.01
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailboxes report.
- risk 0.47cvss 7.3epss 0.01
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Non-Owner Mailbox Permission report.
- risk 0.47cvss 7.3epss 0.01
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Folder Message Count and Size report.
- risk 0.47cvss 7.3epss 0.01
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Public Folder Client Permissions report.
- risk 0.47cvss 7.3epss 0.01
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Equipment Mailbox Details report.
- risk 0.47cvss 7.3epss 0.01
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Mails Exchanged Between Users report.
- risk 0.47cvss 7.3epss 0.01
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions based on Distribution Groups report.
- risk 0.47cvss 7.3epss 0.01
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Distribution Lists report.
- CVE-2025-5966Jun 26, 2025risk 0.01cvss —epss 0.01
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report.
- CVE-2025-5366Jun 26, 2025risk 0.01cvss —epss 0.01
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Folder-wise read mails with subject report.
- CVE-2025-7633Nov 11, 2025risk 0.00cvss —epss 0.00
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Custom report.
- CVE-2025-7632Nov 11, 2025risk 0.00cvss —epss 0.00
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Public Folders report.
- CVE-2025-7430Nov 11, 2025risk 0.00cvss —epss 0.00
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report.
- CVE-2025-7429Nov 11, 2025risk 0.00cvss —epss 0.00
Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Mails Deleted or Moved report.
- CVE-2025-5347Oct 30, 2025risk 0.00cvss —epss 0.00
Zohocorp ManageEngine Exchange Reporter Plus versions before 5723 are vulnerable to Stored Cross Site Scripting in the reports module.
- CVE-2025-5343Oct 30, 2025risk 0.00cvss —epss 0.00
Zohocorp ManageEngine Exchange Reporter Plus versions through 5721 are vulnerable to Stored Cross Site Scripting in the Instant Search option.
- CVE-2025-5342Oct 30, 2025risk 0.00cvss —epss 0.01
Zohocorp ManageEngine Exchange Reporter Plus through 5721 are vulnerable to ReDOS vulnerability in the search module.
- CVE-2025-3835Jun 9, 2025risk 0.00cvss —epss 0.02
Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote code execution in the Content Search module.
- CVE-2024-9459Nov 5, 2024risk 0.00cvss —epss 0.02
Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module.
- CVE-2024-6204Aug 30, 2024risk 0.00cvss —epss 0.02
Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module.
Page 1 of 2