CVE-2025-7430

CVSS v2.0

8.5

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:N

Name of the Vulnerable Software and Affected Versions Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below

Description The software contains a Stored Cross-Site Scripting (XSS) issue within the Folder Message Count and Size report. This allows for the injection of malicious scripts that can be stored and executed by other users.

Recommendations Update Zohocorp ManageEngine Exchange Reporter Plus to a version higher than 5723.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

BDU:2026-00238

CVE-2025-7430

Affected Products

Zoho Manageengine Exchange Reporter Plus

CVE-2025-7430

Weakness Enumeration

Related Identifiers

Affected Products

References · 9