CVE-2025-2280
3/13/2025 1:15:58 PM
دیروز
دیروز
1
Reporter :security@devolutions.net
Modified :3/13/2025 1:15:58 PM
Problem Data :CWE-284
Description
Improper access control in web extension restriction feature in Devolutions Server 2024.3.13 and earlier allows an authenticated user to bypass the browser extension restriction feature.
EPSS
| Epss Score | 0 |
|---|---|
| Epss Percentile | 0 |
Note: Consider this fact that the EPSS model relies on historical data and real-world exploit information to calculate the probability of exploitation. When a CVE is newly published, there isn't enough data available to determine its likelihood of being exploited. As a result, the EPSS score defaults to 0 until more information becomes available.
Reference
| لینک | منبع | تگ ها |
|---|---|---|
| https://devolutions.net/security/advisories/DEVO-2025-0004/ |