Vulnerabilities

CVE-2022-28987

by Fred · 19/05/2022

ManageEngine ADSelfService Plus v6.1 allows attackers to perform username enumeration via a crafted POST request to /ServletAPI/accounts/login.

Date published : 2022-05-19

https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/adselfservice-userenum.md

https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/adselfservice-userenum.py

Similar

Tags: Cybersecurity Alert