
ManageEngine AD360 Integration Flaw Exposes User Identity and Role Information to Attackers
ManageEngine has disclosed a high-severity vulnerability, tracked as CVE-2026-11374, affecting several of its identity and access management solutions when integrated with AD360. The flaw could allow unauthenticated attackers to predict single sign-on (SSO) tokens, potentially leading to account takeover and exposure of sensitive user information. The issue affects ADSelfService Plus, RecoveryManager Plus, M365 Manager Plus, […]
The post ManageEngine AD360 Integration Flaw Exposes User Identity and Role Information to Attackers appeared first on Cyber Security News.