Zero Day Initiative - CVE-2022-40300: SQL Injection in ManageEngine Privileged Access Management

from Zero Day Initiative 1 year ago

In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Justin Hung and Dusan Stevanovic of the Trend Micro Research Team detail a recently patched SQL injection vulnerability in Zoho ManageEngine products.The bug is due to improper validation of resource types in the AutoLogonHelperUtil class.

Read at Zero Day Initiative

#back #possibility #vulnerability #interestingly #sensitive-information

[

]

[

...

]

Zero Day Initiative - CVE-2022-40300: SQL Injection in ManageEngine Privileged Access ManagementZero Day Initiative - CVE-2022-40300: SQL Injection in ManageEngine Privileged Access Management Briefly

Zero Day Initiative - CVE-2022-40300: SQL Injection in ManageEngine Privileged Access Management
Zero Day Initiative - CVE-2022-40300: SQL Injection in ManageEngine Privileged Access Management
Briefly