First published: Wed Jul 06 2022(Updated: )
HTML injection vulnerability in secure messages of Devolutions Server before 2022.2 allows attackers to alter the rendering of the page or redirect a user to another site.
Credit: security@devolutions.net
Affected Software | Affected Version | How to fix |
---|---|---|
Devolutions Devolutions Server | <2022.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-2316.
The title of the vulnerability is 'HTML injection vulnerability in secure messages of Devolutions Server before 2022.2 allows attackers...'
The vulnerability is an HTML injection vulnerability in secure messages of Devolutions Server before version 2022.2, which allows attackers to alter the rendering of the page or redirect a user to another site.
The Devolutions Server before version 2022.2 is affected by this vulnerability.
The severity of CVE-2022-2316 is medium with a CVSS score of 5.4.
To fix the HTML injection vulnerability in Devolutions Server, you should update to version 2022.2 or later.
Yes, for more information about this vulnerability, you can refer to the following link: [CVE-2022-2316](https://devolutions.net/security/advisories/DEVO-2022-0006).