3 matches found
CVE-2025-7204
Affected product/versions: ConnectWise PSA
CVE-2026-0696
CVE-2026-0696 affects ConnectWise PSA: in versions older than 2026.1, certain session cookies were not set with HttpOnly. This could allow client-side scripts to access session cookie values, enabling potential exposure of session data. Affected software: ConnectWise PSA prior to 2026.1. Root cau...
CVE-2026-0695
In ConnectWise PSA versions older than 2026.1, Time Entry notes stored in the Time Entry Audit Trail may be rendered without applying output encoding to certain content, which can allow stored script code to execute in the context of a user’s browser when the affected content is displayed. Affect...