An issue was discovered in Devolutions Server before 2020.3. There is a cross-site scripting (XSS) vulnerability in entries of type Document.
Devolutions
CVE-2021-23924
An issue was discovered in Devolutions Server before 2020.3. There is an exposure of sensitive information in diagnostic files.
CVE-2021-23923
An issue was discovered in Devolutions Server before 2020.3. There is Broken Authentication with Windows domain users.
CVE-2021-23922
An issue was discovered in Devolutions Remote Desktop Manager before 2020.2.12. There is a cross-site scripting (XSS) vulnerability in webviews.
CVE-2021-23921
An issue was discovered in Devolutions Server before 2020.3. There is broken access control on Password List entry elements.
CVE-2022-4287
Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager 2022.3.26 and earlier on Windows allows malicious user to access the application.