Insufficient Warnings for Imported Fixlet Scripts Pose Security Vulnerability

Insufficient Warnings for Imported Fixlet Scripts Pose Security Vulnerability

CVE-2022-42453 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

There are insufficient warnings when a Fixlet is imported by a user. The warning message currently assumes the owner of the script is the logged in user, with insufficient warnings when attempting to run the script.

Learn more about our User Device Pen Test.