exploitDog

CVE-2024-0589

Опубликовано: 31 янв. 2024

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry.

Ссылки

https://devolutions.net/security/advisories/DEVO-2024-0001/
Vendor Advisory
https://devolutions.net/security/advisories/DEVO-2024-0001/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:*:*:*:*

Версия до 2023.3.36.0 (включая)

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00383

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-xh95-48w4-456m

CVSS3: 5.4

github

около 2 лет назад

Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry.

EPSS

Процентиль: 59%

0.00383

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79