Vulnerability Details CVE-2026-3880
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Public Folder Client Permissions report.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.6%
CVSS Severity
CVSS v3 Score 7.3
Products affected by CVE-2026-3880
-
cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:-
-
cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.4
-
cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.5
-
cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.6
-
cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7
-
cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.8