Zoho ManageEngine ADSelfService Plus before 6104 allows stored XSS on the /webclient/index.html#/directory-search user search page via the e-mail address field.
Published May 20, 2021.
Zohocorp Manageengine Adselfservice Plus
