Portal Portal Forum Forum Devolutions Force Devolutions Force Devolutions Hub Business Devolutions Hub Business Devolutions Hub Personal Devolutions Hub Personal Tools RDM RDM Web Login Web Login Workspace Workspace Launcher Launcher

Security & Compliance

Security & Compliance Reporting a Security Issue Advisories

DEVO-2021-0003

Summary

A cross-site scripting (XSS) vulnerability was fixed in Remote Desktop Manager.

Affected Products

Remote Desktop Manager 2020.3 and earlier

Change Log

Initial publication - 2021-03-30

Severity

Medium

Product

Remote Desktop Manager

Fix Version

2021.1

Cross-site scripting (XSS) in administration reports (CVE-2021-28047)

Description

A cross-site scripting (XSS) vulnerability in the application could allow an actor to inject malicious javascript code in some form fields that are rendered in administration reports.

Remediation and Workarounds

Install Remote Desktop Manager 2021.1 or more recent.

Severity

Medium - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Affected Products

Remote Desktop Manager 2020.3 and earlier

CVE(s)

CVE-2021-28047