CVE-2023-35854 — Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal the domain controller session token for identity spoofing, thereby achieving the privilege — CVE Database · The Intelligence Room