TechSmith SnagIt 11.2.1 through 20.0.3 Improper Restriction of XML External Entity Reference Vulnerability

Summary

In TechSmith SnagIt 11.2.1 through 20.0.3, an XML External Entity (XXE) injection issue exists.

Credit:

The information has been provided by Vendor

The original article can be found at:https://support.techsmith.com/hc/en-us/articles/115006435067-Snagit-Windows-Version-History


Details

Allow a local attacker to exfiltrate data under the local Administrator account.

 

Vulnerable Systems:

TechSmith SnagIt 11.2.1 through 20.0.3

 

CVE Information:

CVE-2020-11541

 

Disclosure Timeline:
Published Date:5/8/2020

Categories: News