Acronis · Acronis Cyber Protect 15 · CVE-2021-44200
Name of the Vulnerable Software and Affected Versions:
Acronis Cyber Protect 15 versions prior to build 28035
Description:
A self cross-site scripting (XSS) issue was possible on the devices page. This allows an attacker to potentially inject malicious scripts into the webpage, affecting the user's session.
Recommendations:
For Acronis Cyber Protect 15 versions prior to build 28035, update to a version that is build 28035 or later to resolve the issue. As a temporary workaround, consider restricting access to the devices page until a patch is available.