Arbitrary Code Injection in Administrative Reports in Devolutions Remote Desktop Manager before 2021.1

CVE-2021-28047 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Cross-Site Scripting (XSS) in Administrative Reports in Devolutions Remote Desktop Manager before 2021.1 allows remote authenticated users to inject arbitrary web script or HTML via multiple input fields.

Learn more about our Cis Benchmark Audit For Desktop Software.