MEDIUM✓ PATCH🇬🇧 English

CVE-2020-13183

CVSS 6.1v3.1pub. 2020-08-17upd. 2024-11-21

Reflected Cross Site Scripting in Teradici PCoIP Management Console prior to 20.07 could allow an attacker to take over the user's active session if the user is exposed to a malicious payload.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  • Teradici Pcoip Management Console

    APP
    Teradici
    < 20.07
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2017-20121HIGH7.8ten sam produkt

A vulnerability was found in Teradici Management Console 2.2.0. It has been declared as critical. Affected by ...

CVE-2020-10965HIGH8.1ten sam produkt

Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password resets via log...

CVE-2021-35451MEDIUM6.1ten sam produkt

In Teradici PCoIP Management Console-Enterprise 20.07.0, an unauthenticated user can inject arbitrary text int...

CVE-2020-13174MEDIUM6.1ten sam produkt

The web server in the Teradici Managament console versions 20.04 and 20.01.1 did not properly set the X-Frame-...

CVE-2021-25689CRITICAL9.8ten sam vendor

An out of bounds write in Teradici PCoIP soft client versions prior to version 20.10.1 could allow an attacker...