Zoho ManageEngine ADSelfService Plus 5.x before 5809 URL Redirection to Untrusted Site (‘Open Redirect’) Vulnerability

Summary

Zoho ManageEngine ADSelfService Plus 5.x before 5809 suffers from url redirection to untrusted site (‘Open Redirect’) vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at:https://pitstop.manageengine.com/portal/community/topic/adselfservice-plus-5809-release


Details

An open redirect vulnerability was discovered in Zoho ManageEngine ADSelfService Plus 5.x before 5809 that allows attackers to force users who click on a crafted link to be sent to a specified external site.

 

Vulnerable Systems:

ADSelfService Plus 5.x before 5809 

 

CVE Information:

CVE-2019-18781

 

Disclosure Timeline:
Published Date:12/18/2019

Categories: FeaturedNews