First published: Thu Apr 01 2021(Updated: )
Cross-Site Scripting (XSS) in Administrative Reports in Devolutions Remote Desktop Manager before 2021.1 allows remote authenticated users to inject arbitrary web script or HTML via multiple input fields.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Devolutions Remote Desktop Manager | <2021.1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-28047 is a vulnerability in Devolutions Remote Desktop Manager that allows remote authenticated users to inject arbitrary web script or HTML via multiple input fields.
CVE-2021-28047 has a severity rating of 5.4, which is considered medium.
CVE-2021-28047 can be exploited by remote authenticated users who can inject arbitrary web script or HTML via multiple input fields.
Devolutions Remote Desktop Manager before version 2021.1.0 is affected by CVE-2021-28047.
To fix CVE-2021-28047, update Devolutions Remote Desktop Manager to version 2021.1.0 or later.