Cross-site request forgery (CSRF) vulnerability in ZOHO ManageEngine Desktop Central prior to 9 build 90130 allows remote malicious users to hijack the authentication of administrators for requests that add an administrator account via an addUser action to STATE_ID/1417736606982/roleMgmt.do.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zohocorp manageengine desktop central |