exploitDog

GHSA-xwf9-wf96-c767

Опубликовано: 16 июн. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain.

Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain.

Ссылки

EPSS

Процентиль: 2%

0.00112

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-297

Связанные уязвимости

CVE-2026-12162

CVSS3: 5.5

nvd

5 дней назад

Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain.

EPSS

Процентиль: 2%

0.00112

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-297