Zscaler Zscaler Internet Access Admin Portal — known CVE vulnerabilities
Every CVE whose affected-product data names Zscaler Zscaler Internet Access Admin Portal, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-28801 — CVSS 9.6 (critical): An Improper Verification of Cryptographic Signature in the SAML authentication of the Zscaler Admin UI allows a Privilege Escalation.This…
CVE-2026-22567 — CVSS 7.6 (high): Improper validation of user-supplied input in the ZIA Admin UI could allow an authenticated administrator to initiate backend functions…
CVE-2026-22568 — CVSS 5.5 (medium): Improper neutralization of special elements in user-supplied input within the ZIA Admin UI could allow an authenticated administrator to…