Is Microsoft affected by CVE-2026-3879?

ManageEngine Exchange Reporter Plus versions prior to 5802 contain a stored cross-site scripting vulnerability that allows low-privileged authenticated users to inject malicious scripts into reports, potentially leading to session hijacking and credential theft of administrative accounts.

CVE-2026-3879

EUVD-2026-18621 HIGH

2026-04-03 Zohocorp

GHSA-c53v-pgpj-xcg4

7.3

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Apr 03, 2026 - 12:00 vuln.today

EUVD ID Assigned

Apr 03, 2026 - 12:00 euvd

EUVD-2026-18621

CVE Published

Apr 03, 2026 - 11:33 nvd

HIGH 7.3

Description

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Equipment Mailbox Details report.

Analysis

Stored cross-site scripting in ManageEngine Exchange Reporter Plus (versions prior to 5802) allows authenticated attackers with low privileges to inject malicious scripts into Equipment Mailbox Details reports, enabling session hijacking and credential theft against administrative users who view the poisoned reports. No active exploitation confirmed (not in CISA KEV), but the vulnerability affects organizations monitoring Microsoft Exchange environments through ManageEngine's reporting platform.

Remediation

Within 24 hours: Identify all ManageEngine Exchange Reporter Plus installations and document current version numbers; restrict report access to essential administrative users only. Within 7 days: Contact ManageEngine support to confirm patch availability timeline and interim mitigation options; implement input validation rules on Equipment Mailbox Details report fields if supported by your instance. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +36

POC: 0

CVE-2026-3879 vulnerability details – vuln.today

Back

CVE-2026-3879

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-3879

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code