CVE-2024-0589

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jan 31, 2024

Updated: Feb 3, 2024

CWE ID 79

Summary

CVE-2024-0589 is a cross-site scripting (XSS) vulnerability affecting the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier versions on Windows. An attacker with access to a data source can exploit this flaw by injecting a malicious script into a specially crafted input field in an entry, potentially leading to unintended execution of malicious code. This vulnerability poses a significant risk to users and requires immediate patching to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Devolutions Remote Desktop Manager

Affected Vendors

Devolutions

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uKj0Ew
https://www.cve.org/CVERecord?id=CVE-2024-0589
https://nvd.nist.gov/vuln/detail/CVE-2024-0589

Back to Vulnerability Database