VULHUB ™

RemotelyAnywhere has been reported prone to a logout message injection weakness. It has been reported that this issue presents itself due to a lack of sufficient restrictions performed by RemotelyAnywhere on user supplied 'reason' URI parameters. If a target user followed a malicious link, an attacker could potentially abuse this weakness, to include arbitrary messages in logout screens. This may aid in social engineering type attacks against the target user.

RemotelyAnywhere has been reported prone to a logout message injection weakness. It has been reported that this issue presents itself due to a lack of sufficient restrictions performed by RemotelyAnywhere on user supplied 'reason' URI parameters. If a target user followed a malicious link, an attacker could potentially abuse this weakness, to include arbitrary messages in logout screens. This may aid in social engineering type attacks against the target user.