An open redirect vulnerability was discovered in Zoho ManageEngine ADSelfService Plus 5.x before 5809 that allows attackers to force users who click on a crafted link to be sent to a specified external site.
Published December 19, 2019.
Zohocorp Manageengine Adselfservice Plus