Zoho ManageEngine ADSelfService Plus prior to 6202 allows malicious users to perform username enumeration via a crafted POST request to /ServletAPI/accounts/login.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zohocorp manageengine adselfservice plus 6.1 |