Description
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| ManageEngine | Exchange Reporter Plus | unaffected |
|
Configuration 1 [-]
|
No data.
| Vendor | Product | Confidence | Versions |
|---|---|---|---|
| Zohocorp | Manageengine Exchange Reporter Plus | — | — |
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2025-28698 | Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report. |
References
History
Mon, 29 Sep 2025 15:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:*:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:-:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5700:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5701:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5702:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5703:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5704:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5705:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5706:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5707:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5708:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5709:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5710:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5711:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5712:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5713:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5714:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5715:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5717:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5718:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5719:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5720:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5721:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5722:*:*:*:*:*:* |
Thu, 26 Jun 2025 13:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 26 Jun 2025 12:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report. | |
| Title | Stored XSS | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Zohocorp
Published:
Updated: 2025-06-26T12:54:07.728Z
Reserved: 2025-06-10T09:25:22.467Z
Link: CVE-2025-5966
Vulnrichment
Updated: 2025-06-26T12:54:04.890Z
NVD
Status : Analyzed
Published: 2025-06-26T13:15:29.123
Modified: 2025-09-29T14:49:26.283
Link: CVE-2025-5966
Redhat
No data.
OpenCVE Enrichment
Updated: 2025-07-06T22:16:30Z
Weaknesses