2022-05-20 02:10:39
mitre
PUBLISHED
Zoho ManageEngine ADSelfService Plus before 6202 allows attackers to perform username enumeration via a crafted POST request to /ServletAPI/accounts/login.