Security & Compliance

DEVO-2021-0001

Affected Products

Remote Desktop Manager 2020.2 and earlier

Change Log

Initial publication - 2021-03-30

Severity

Medium

Product

Remote Desktop Manager

Fix Version

2020.3

Summary

A Cross-Site Scripting (XSS) vulnerability was fixed in Remote Desktop Manager.

Cross-site scripting (XSS) vulnerability in webviews (CVE-2021-23922)

Description

A cross-site scripting (XSS) vulnerability in the application could allow an actor to inject malicious javascript code in some form fields that are rendered by webviews.

Remediation and Workarounds

Install Remote Desktop Manager 2020.3 or more recent.

Severity

Medium - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Affected Products

Remote Desktop Manager 2020.2 and earlier

CVE(s)

CVE-2021-23922

Devolutions Logo
English français Deutsch
Contact Us

Helping organizations control the IT chaos by providing highly-secure password, remote connection and privileged access management solutions.

DEVOLUTIONS 1000 Notre-Dame, Lavaltrie, QC J5T 1M1, Canada
Legal & Privacy infos@devolutions.net
All rights reserved © 2021 Devolutions