Ricardo Ruiz from Exploitdb website has found vulnerability in Zoho ManageEngine ServiceDesk Plus web application.
ServiceDesk Plus MSP is a web based, full-fledged ITSM suite designed specifically for managed service providers.
This all-in-one ITSM solution delivers comprehensive help desk, service desk, account management, asset management, remote controls and advanced reporting in a multi-tenant architecture with robust data segregation.
It empowers service providers to offer services and support to multiple clients with centralized controls.
Refer to the same report version 9.4 is part of this issue.
The new update has been released to fix the problem.
Find more information in this website