Ironmansoftware: >> Powershell Universal >> 3.10.0 Security Vulnerabilities
Cross-site Scripting vulnerability in Devolutions PowerShell Universal.This issue affects Powershell Universal: before 4.5.6, before 5.6.13.
CVSS Score
6.1
EPSS Score
0.0
Published
2026-01-07
The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid sanitization of input strings. The fixed versions are 3.10.2, 4.1.10, and 4.2.1.
CVSS Score
8.8
EPSS Score
0.016
Published
2023-11-23