{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T15:09:09.982","vulnerabilities":[{"cve":{"id":"CVE-2025-5347","sourceIdentifier":"0fc0942c-577d-436f-ae8e-945763c79b02","published":"2025-10-30T15:15:40.640","lastModified":"2025-11-07T01:46:11.683","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Zohocorp ManageEngine Exchange Reporter Plus versions before 5723 are vulnerable to Stored Cross Site Scripting in the reports module."}],"metrics":{"cvssMetricV31":[{"source":"0fc0942c-577d-436f-ae8e-945763c79b02","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"0fc0942c-577d-436f-ae8e-945763c79b02","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:*:*:*:*:*:*:*:*","versionEndExcluding":"5.7","matchCriteriaId":"3DA0580F-8167-450E-A1E9-0F1F7FC7E2C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:-:*:*:*:*:*:*","matchCriteriaId":"3FC399C6-4299-4744-9FC5-13CFE7478164"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5700:*:*:*:*:*:*","matchCriteriaId":"E913F3D6-9F94-4130-94FF-37F4D81BAEF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5701:*:*:*:*:*:*","matchCriteriaId":"34D23B58-2BB8-40EE-952C-1595988335CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5702:*:*:*:*:*:*","matchCriteriaId":"322920C4-4487-4E44-9C40-2959F478A4FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5703:*:*:*:*:*:*","matchCriteriaId":"3AD735B9-2CE2-46BA-9A14-A22E3FE21C6D"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5704:*:*:*:*:*:*","matchCriteriaId":"014DB85C-DB28-4EBB-971A-6F8F964CE6FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5705:*:*:*:*:*:*","matchCriteriaId":"5E9B0013-ABF8-4616-BC92-15DF9F5CB359"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5706:*:*:*:*:*:*","matchCriteriaId":"5B744F32-FD43-47B8-875C-6777177677CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5707:*:*:*:*:*:*","matchCriteriaId":"F1BB6EEA-2BAA-4C48-8DA8-1E87B3DE611F"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5708:*:*:*:*:*:*","matchCriteriaId":"D3012C17-87F5-4FFD-B67B-BEFF2A390613"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5709:*:*:*:*:*:*","matchCriteriaId":"1E33D368-2D81-4C7E-9405-7C0A86E97217"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5710:*:*:*:*:*:*","matchCriteriaId":"7AA9384F-6401-4495-B558-23E5A7A7528C"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5711:*:*:*:*:*:*","matchCriteriaId":"E492F955-0734-4AE4-A59F-572ADF0CFE75"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5712:*:*:*:*:*:*","matchCriteriaId":"11B71FFC-FD2E-4F84-BB1E-55BCA5B51099"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5713:*:*:*:*:*:*","matchCriteriaId":"531AFEFB-BBE6-42B2-8D37-B4098324AA87"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5714:*:*:*:*:*:*","matchCriteriaId":"01F80C71-110D-4776-B13F-08FCDE125B81"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5715:*:*:*:*:*:*","matchCriteriaId":"2A6D8AAD-49B9-4216-9A81-A449A5D5549C"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5717:*:*:*:*:*:*","matchCriteriaId":"852DBCE6-B926-4B5B-B8C2-86569355153D"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5718:*:*:*:*:*:*","matchCriteriaId":"D5E6DB9D-4919-4827-A9F6-1DFCB78F4004"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5719:*:*:*:*:*:*","matchCriteriaId":"534DE66A-9E4B-4A23-917B-EE076E8D9EA1"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5720:*:*:*:*:*:*","matchCriteriaId":"157CD204-C2E9-48A6-9942-710152B19ECC"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5721:*:*:*:*:*:*","matchCriteriaId":"0FDB440B-9637-4954-8CB8-EED0615BCA26"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_exchange_reporter_plus:5.7:5722:*:*:*:*:*:*","matchCriteriaId":"EB9900E9-4AFA-47ED-A2B7-A6AE6A37CC99"}]}]}],"references":[{"url":"https://www.manageengine.com/products/exchange-reports/advisory/CVE-2025-5347.html","source":"0fc0942c-577d-436f-ae8e-945763c79b02","tags":["Vendor Advisory"]}]}}]}