Natalie Runyan

**Name of the Vulnerable Software and Affected Versions** Ideagen DevonWay versions prior to 2.62.4 Ideagen DevonWay version 2.62 LTS **Description** Ideagen DevonWay contains a stored cross-site scripting issue. An authenticated attacker can create a malicious payload within the 'Reports' page. This payload will execute when another user views the report. The vulnerable component is the 'Reports' page. **Recommendations** Update Ideagen DevonWay to version 2.62.4 or later. Update Ideagen DevonWay to version 2.62 LTS or later.