Browse all 4 CVE security advisories affecting ZOHO. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ZOHO provides a suite of cloud-based business productivity and collaboration tools, including office suites, CRM, and IT management software. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and authentication weaknesses. While no major public security incidents have been widely reported, the consistent appearance of multiple CVEs across their product lines suggests ongoing security challenges that require vigilant patch management. Organizations implementing ZOHO solutions should prioritize regular updates and security assessments to mitigate potential exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-33849 | WordPress 插件 跨站脚本漏洞 — Zoho CRM Lead Magnet | 5.4 | - | 2021-10-05 |
| CVE-2016-1159 | ZOHO Password Manager Pro 信息泄露漏洞 — Password Manager Pro (PMP) | 7.5 | - | 2020-03-09 |
| CVE-2017-11511 | ZOHO ManageEngine ServiceDesk 安全漏洞 — ManageEngine ServiceDeskCWE-22 | 7.5 | - | 2017-11-08 |
| CVE-2017-11512 | ZOHO ManageEngine ServiceDesk 安全漏洞 — ManageEngine ServiceDeskCWE-22 | 7.5 | - | 2017-11-08 |
This page lists every published CVE security advisory associated with ZOHO. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.