Vulnerabilities

CVE-2024-0589

by Fred · 31/01/2024

Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry.

More information : https://devolutions.net/security/advisories/DEVO-2024-0001/

Attack vector : NETWORK
Attack complexity : LOW
Privileges required : LOW
User interaction : REQUIRED
Confidentiality impact : LOW
Integrity impact : LOW
Base score : 5.4
Base severity : MEDIUM
Exploitability score : 2.3
Impact score : 2.7

Similar

Tags: Cybersecurity Alert