Mentor · Mentor - Employee Portal · CVE-2024-5675
**Name of the Vulnerable Software and Affected Versions**
Mentor - Employee Portal version 3.83.35
**Description**
The issue is related to an untrusted data deserialization vulnerability. This could allow an attacker to execute arbitrary code by injecting a malicious payload into the `ViewState` field.
**Recommendations**
For version 3.83.35, update the software to a version that includes a fix for this issue. As a temporary workaround, consider restricting access to the `ViewState` field to minimize the risk of exploitation.