Sécurité et conformité
DEVO-2024-0001
Résumé
Remote Desktop Manager Windows is affected by a vulnerability.
Produits affectés
Remote Desktop Manager Windows 2023.3.36.0 and earlier.
Journal des modifications
2024-01-31 - Initial Publication
Sévérité
Medium
Produit
Remote Desktop Manager
Version corrigée
2023.3.37
Cross-site scripting (XSS) vulnerability in the entry overview tab
Description
Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry.
Mesures correctives et solutions de contournement
Upgrade to Remote Desktop Manager 2023.3.37.0 or higher
Sévérité
4.8 Medium - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/U:Green
Produits affectés
Remote Desktop Manager Windows 2023.3.36.0 and earlier
CVE(s)
CVE-2024-0589