This document provides information about the different cross-site scripting (XSS) vulnerabilities detected in Mobile Device Manager Plus and provides the resolution to secure the server from these vulnerabilities
Vulnerability Description
Detected by
Fix available in build
Fix released on
XSS vulnerability in the product login screen
Ken Pyle
92698
Nov 5, 2019
XSS vulnerability in the Geofencing page
Zoho Corp.
92666
Oct 29, 2019
XSS vulnerability in the Audit Log view
Zoho Corp.
92666
Oct 29, 2019
XSS vulnerability in the Upload App page
Guhan Raja
92340
Aug 17, 2018
The fixes for the above mentioned vulnerabilities were released in the build numbers mentioned above. If your MDM server is affected by the vulnerability or is running a version below the build number mentioned, upgrade your Mobile Device Manager Plus server to the appropriate build to resolve the issues.
For more updates on security fixes, follow our Vulnerability Updates forums.