CVE-2020-13154
Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-privilege authenticated users to discover the File Protection password via a getFileProtectionSettings call to AjaxServlet.
Date published : 2020-05-18
https://gitlab.com/eLeN3Re/CVE-2020-13154
https://www.manageengine.com/products/service-desk/on-premises/readme.html