CVE-2026-3879 is a stored Cross-Site Scripting (XSS) vulnerability affecting ManageEngine Exchange Reporter Plus versions prior to 5802. This vulnerability allows an attacker to inject malicious scripts into the Equipment Mailbox Details report, potentially leading to session hijacking or defacement. Affected versions include those from 0 up to and including 5801. A patch is available in version 5802.
Impact and attack scenarios
Successful exploitation of CVE-2026-3879 allows an attacker to inject arbitrary JavaScript code into the Equipment Mailbox Details report within ManageEngine Exchange Reporter Plus. When a user views this report, the injected script executes in their browser context, granting the attacker potential control over their session. This could lead to unauthorized access to sensitive data, including email content, user credentials, and system configurations. The attacker could also leverage this to perform phishing attacks or deface the application's interface. The scope of impact depends on the privileges of the affected user and the sensitivity of the data they access.
Exploitation background
CVE-2026-3879 was publicly disclosed on 2026-04-03. No public proof-of-concept (POC) code has been released at the time of writing, but the XSS nature of the vulnerability makes it likely that a POC will emerge. The vulnerability is not currently listed on CISA KEV. The probability of exploitation is considered medium due to the ease of XSS exploitation and the potential impact.
Who is at risk
Organizations utilizing ManageEngine Exchange Reporter Plus for email reporting and analysis are at risk, particularly those running versions 0 through 5801. Environments with shared user accounts or where user input is not properly validated are especially vulnerable. Those relying on the Equipment Mailbox Details report for critical operational insights are also at increased risk.
Detection steps
• manageengine / web:
curl -s -X POST "<exchange_reporter_plus_url>/reports/EquipmentMailboxDetails.aspx" -d "<input_field>=<xss_payload>" | grep -i "<xss_payload>"
• generic web:
curl -s -X POST "<exchange_reporter_plus_url>/reports/EquipmentMailboxDetails.aspx" -d "<input_field>=<xss_payload>" | grep -i "<xss_payload>"
Attack timeline
- Disclosure
Threat intelligence
Exploitation status
EPSS
0.02% (5th percentile)
CISA SSVC
CVSS vector
What do these metrics mean?
- Attack Vector
- Network: exploitable remotely over the internet with no physical or local access required. The largest attack surface.
- Attack Complexity
- Low: no special conditions are required; the vulnerability can be exploited reliably.
- Privileges Required
- Low: any valid user account suffices.
- User Interaction
- Required: the victim must open a file, click a link, or visit a crafted page.
- Scope
- Unchanged: impact is confined to the vulnerable component itself.
- Confidentiality
- High: total loss of confidentiality; the attacker can read all data.
- Integrity
- High: the attacker can write, modify, or delete any data.
- Availability
- None: no availability impact.
Affected software
Weakness classification (CWE)
Timeline
- Reserved
- Published
- Modified
- EPSS updated
Mitigations and workarounds
The primary mitigation for CVE-2026-3879 is to upgrade ManageEngine Exchange Reporter Plus to version 5802 or later, which contains the fix. If an immediate upgrade is not possible, consider implementing input validation and output encoding on user-supplied data within the Equipment Mailbox Details report. Web Application Firewalls (WAFs) configured to detect and block XSS payloads can provide an additional layer of defense. Regularly review and sanitize user input to minimize the attack surface. After upgrade, confirm the vulnerability is resolved by attempting to inject a simple XSS payload into the Equipment Mailbox Details report and verifying that it is not executed.
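The mitigation section names input validation and output encoding, and the detection steps and the post-upgrade check both amount to asking whether a stored value comes back in the report as live markup. The following Python is an added example written for this page; it is not ManageEngine's code, and the record fields, the row template, the allowlist and the marker regex are all assumptions. It shows the vulnerable interpolation beside the encoded form, an allowlist check applied at storage time, and a string check over rendered output that plays the role of the grep in the detection steps from the defender's side:

```python
import html
import re

# Constructed sample record for the Equipment Mailbox Details report. The field
# names are hypothetical; the display name carries a benign script tag to stand
# in for attacker-controlled data that has been stored and is later rendered.
SAMPLE_MAILBOX = {
    "display_name": "Projector Room 1 <script>alert('xss')</script>",
    "email": "projector1@example.com",
    "size_mb": 120,
}

# Hypothetical row template: the display name lands in an attribute value and
# in element text, so both contexts need encoding.
ROW_TEMPLATE = (
    '<tr><td title="{title}">{name}</td>'
    "<td>{email}</td><td>{size}</td></tr>"
)

# Allowlist for a mailbox display name (assumed policy): word characters,
# spaces and a few punctuation marks, 1 to 128 characters. Angle brackets
# are rejected outright.
DISPLAY_NAME_RE = re.compile(r"[\w .,'()&-]{1,128}")

# Markers of active content that must never appear unencoded in rendered HTML.
ACTIVE_CONTENT_RE = re.compile(
    r"<\s*script|\bon[a-z]+\s*=|javascript:", re.IGNORECASE
)


def is_valid_display_name(name: str) -> bool:
    """Input validation at storage time: accept only allowlisted characters."""
    return DISPLAY_NAME_RE.fullmatch(name) is not None


def render_row_unsafe(mailbox: dict) -> str:
    """The vulnerable pattern: stored values interpolated straight into HTML."""
    return ROW_TEMPLATE.format(
        title=mailbox["display_name"],
        name=mailbox["display_name"],
        email=mailbox["email"],
        size=mailbox["size_mb"],
    )


def render_row_encoded(mailbox: dict) -> str:
    """The hardened pattern: every stored value is HTML-encoded at output time.

    html.escape(quote=True) encodes & < > " and ', which covers both element
    text and double-quoted attribute values in this template.
    """
    name = html.escape(mailbox["display_name"], quote=True)
    return ROW_TEMPLATE.format(
        title=name,
        name=name,
        email=html.escape(mailbox["email"], quote=True),
        size=html.escape(str(mailbox["size_mb"]), quote=True),
    )


def contains_active_content(rendered_html: str) -> bool:
    """Post-upgrade check: does the rendered report still carry live script?

    Entity-encoded payloads (&lt;script&gt;) do not match because the regex
    looks for a literal '<' and for bare event-handler attributes.
    """
    return ACTIVE_CONTENT_RE.search(rendered_html) is not None


if __name__ == "__main__":
    unsafe = render_row_unsafe(SAMPLE_MAILBOX)
    encoded = render_row_encoded(SAMPLE_MAILBOX)
    print("display name passes allowlist?",
          is_valid_display_name(SAMPLE_MAILBOX["display_name"]))
    print("unsafe row :", unsafe)
    print("encoded row:", encoded)
    print("unsafe carries script? ", contains_active_content(unsafe))
    print("encoded carries script?", contains_active_content(encoded))
```

Output encoding is the control that closes the stored XSS; the allowlist is defence in depth, since a legitimate name may still need characters such as `&` or `'` that are harmless once encoded. The `contains_active_content` check is only a coarse verification aid for a fetched report page, not a substitute for the vendor fix in 5802.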
Remediation
Upgrade ManageEngine Exchange Reporter Plus to version 5802 or later. This update fixes the stored XSS vulnerability in the 'Equipment Mailbox Details' report.
Frequently asked questions
What is CVE-2026-3879 — XSS in ManageEngine Exchange Reporter Plus?
CVE-2026-3879 is a stored Cross-Site Scripting (XSS) vulnerability in ManageEngine Exchange Reporter Plus versions 0–5802, allowing attackers to inject malicious scripts into the Equipment Mailbox Details report.
Am I affected by CVE-2026-3879 in ManageEngine Exchange Reporter Plus?
You are affected if you are running ManageEngine Exchange Reporter Plus versions 0 through 5801. Upgrade to version 5802 or later to mitigate the risk.
How do I fix CVE-2026-3879 in ManageEngine Exchange Reporter Plus?
Upgrade ManageEngine Exchange Reporter Plus to version 5802 or later. Input validation and WAF rules can provide temporary mitigation if an upgrade is not immediately possible.
Is CVE-2026-3879 being actively exploited?
While no active exploitation has been confirmed, the XSS nature of the vulnerability suggests a potential for exploitation. Monitor your systems for suspicious activity.
Where can I find the official ManageEngine advisory for CVE-2026-3879?
Refer to the official ManageEngine security advisory for CVE-2026-3879 on the ManageEngine website for detailed information and updates.