mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 15:15:46 +02:00
0xMarcio
985 B
985 B
CVE-2019-12476
Description
An authentication bypass vulnerability in the password reset functionality in Zoho ManageEngine ADSelfService Plus before 5.0.6 allows an attacker with physical access to gain a shell with SYSTEM privileges via the restricted thick client browser. The attack uses a long sequence of crafted keyboard input.