CVE-2025-7632

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
5.4MEDIUM
EPSS
0.0%
top 95.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Zohocorp Manageengine Exchange Reporter Plus
Timeline
PublishedNov 11

Description

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Public Folders report.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:NExploitability: 2.1 | Impact: 5.2

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
Stored XSS2025-11-11
GHSA
GHSA-596r-563g-p8ff: Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Public Folders report2025-11-11
CVE-2025-7632 (MEDIUM CVSS 5.4) | Zohocorp ManageEngine Exchange Repo | cvebase.io