CVE-2024-38640

Name of the Vulnerable Software and Affected Versions Download Station versions prior to 5.8.6.283

Description A cross-site scripting (XSS) vulnerability has been reported to affect Download Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. The issue exists due to inadequate protection of the web page structure, which may allow a remote attacker to conduct an XSS attack.

Recommendations For Download Station versions prior to 5.8.6.283, upgrade to version 5.8.6.283 or later to resolve the issue. As a temporary workaround, consider restricting access to the Download Station until the update is applied.