PT-2024-1978 · Unknown · Meshcentral
Name of the Vulnerable Software and Affected Versions: MeshCentral versions prior to 1.1.21 Description: The issue is a cross-site websocket hijacking CSWSH vulnerability within the "control.ashx" endpoint, which is the primary mechanism used to perform administrative actions on the server. This...