CVE-2022-42889 - Possibly exploitable in AD Self Server Plus

CVE-2022-42889 - Possibly exploitable in AD Self Server Plus

Dangerous hole in Apache Commons Text:


CVE-2022-42889

Recommended fix is to upgrade the .jar library to commons-text-1.10.jar or higher.

AD Self Server Plus uses commons-text-1.6.jar and commons-text-1.8.jar under:
  1. C:\ManageEngine\ADSelfService Plus\lib
Is there a plan to patch this, and more importantly an ETA?

Thank you.

      New to ADSelfService Plus?

        Resources

                Related Products