Vulnerability Details CVE-2020-11541
In TechSmith SnagIt 11.2.1 through 20.0.3, an XML External Entity (XXE) injection issue exists that would allow a local attacker to exfiltrate data under the local Administrator account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.0%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
References
Products affected by CVE-2020-11541
-
cpe:2.3:a:techsmith:snagit:18.2.3
-
cpe:2.3:a:techsmith:snagit:18.2.4
-
cpe:2.3:a:techsmith:snagit:18.2.5
-
cpe:2.3:a:techsmith:snagit:19.0.0
-
cpe:2.3:a:techsmith:snagit:19.0.1
-
cpe:2.3:a:techsmith:snagit:19.1.0.2653
-
cpe:2.3:a:techsmith:snagit:19.1.1
-
cpe:2.3:a:techsmith:snagit:19.1.1.2860
-
cpe:2.3:a:techsmith:snagit:19.1.2
-
cpe:2.3:a:techsmith:snagit:19.1.3
-
cpe:2.3:a:techsmith:snagit:19.1.4
-
cpe:2.3:a:techsmith:snagit:19.1.5
-
cpe:2.3:a:techsmith:snagit:19.1.6
-
cpe:2.3:a:techsmith:snagit:20.0.0
-
cpe:2.3:a:techsmith:snagit:20.0.1
-
cpe:2.3:a:techsmith:snagit:20.0.2
-
cpe:2.3:a:techsmith:snagit:20.0.3