SQL Injection Vulnerability in Zoho ManageEngine Application Manager

CVE-2020-15533

What is CVE-2020-15533?

The AlarmEscalation module in Zoho ManageEngine Application Manager versions 14.7 Build 14730 and specific earlier and later builds has a vulnerability that allows for unauthenticated SQL Injection attacks. This security flaw could be exploited by an attacker to manipulate database queries, potentially leading to unauthorized data access or disclosure.

References