Show filters
26 Total Results
Displaying 21-26 of 26
Sort by:
Attacker Value
Unknown
CVE-2021-28157
Disclosure Date: April 14, 2021 (last updated February 22, 2025)
An SQL Injection issue in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows an administrative user to execute arbitrary SQL commands via a username in api/security/userinfo/delete.
0
Attacker Value
Unknown
CVE-2021-28048
Disclosure Date: April 14, 2021 (last updated February 22, 2025)
An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows a remote attacker to leak cross-origin data via a crafted HTML page.
0
Attacker Value
Unknown
CVE-2021-23921
Disclosure Date: April 01, 2021 (last updated February 22, 2025)
An issue was discovered in Devolutions Server before 2020.3. There is broken access control on Password List entry elements.
0
Attacker Value
Unknown
CVE-2021-23925
Disclosure Date: April 01, 2021 (last updated February 22, 2025)
An issue was discovered in Devolutions Server before 2020.3. There is a cross-site scripting (XSS) vulnerability in entries of type Document.
0
Attacker Value
Unknown
CVE-2021-23923
Disclosure Date: April 01, 2021 (last updated February 22, 2025)
An issue was discovered in Devolutions Server before 2020.3. There is Broken Authentication with Windows domain users.
0
Attacker Value
Unknown
CVE-2021-23924
Disclosure Date: April 01, 2021 (last updated February 22, 2025)
An issue was discovered in Devolutions Server before 2020.3. There is an exposure of sensitive information in diagnostic files.
0
