[Important] ADSelfService Plus 6122 Security Fix Release

[Important] ADSelfService Plus 6122 Security Fix Release

Hello everyone,

This is to announce the release of ADSelfService Plus' latest build, 6122, with the following issues fix.

Issue Fix:
  • In product instances where post-action custom scripts are enabled, a security vulnerability (CVE-2022-28810) which could lead to remote code execution during password reset and password change, has been fixed. This issue was reported by Hernan Diaz, Andrew Iwamaye, Dan Kelly, and Jake Baines of Rapid7 via our Zoho Bug Bounty program.
For more information, refer to our security advisory page.

Note : If you have enabled custom scripts, follow these guidelines after upgrading to build 6122.

How to update?

You can update to the latest build using the service pack. Instructions on how to install the service pack are also given on the page.

Regards,
ADSelfService Plus Team
Toll Free: +1-84-245-1104
Direct: +1-408-916-9890

      New to ADSelfService Plus?

        Resources

                Related Products