Описание
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is stored XSS in the Appearance modifier.
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is stored XSS in the Appearance modifier.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-16512
- https://blog.huntresslabs.com/validating-the-bishop-fox-findings-in-connectwise-control-9155eec36a34
- https://know.bishopfox.com/advisories
- https://know.bishopfox.com/advisories/connectwise-control
- https://www.crn.com/news/managed-services/connectwise-control-msp-security-vulnerabilities-are-severe-bishop-fox
- https://www.crn.com/slide-shows/managed-services/connectwise-control-attack-chain-exploit-20-questions-for-security-researcher-bishop-fox
EPSS
Процентиль: 62%
0.00435
Низкий
CVE ID
Связанные уязвимости
CVSS3: 4.8
nvd
около 6 лет назад
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is stored XSS in the Appearance modifier.
EPSS
Процентиль: 62%
0.00435
Низкий