ManageEngine Desktop Central < 10.1.2137.8 - Unauthenticated Sensitive Information Exposure via HTTP Redirect
Zoho ManageEngine Desktop Central before 10.1.2137.8 exposes the installed server name to anyone. The internal hostname can be discovered by reading HTTP redirect responses.