PT-2026-2213 · Ideagen · Ideagen Devonway
Fernando Martinez
+3
·
Published
2026-01-08
·
Updated
2026-01-09
·
CVE-2026-22587
CVSS v3.1
5.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Ideagen DevonWay versions prior to 2.62.4
Ideagen DevonWay version 2.62 LTS
Description
Ideagen DevonWay contains a stored cross-site scripting issue. An authenticated attacker can create a malicious payload within the 'Reports' page. This payload will execute when another user views the report. The vulnerable component is the 'Reports' page.
Recommendations
Update Ideagen DevonWay to version 2.62.4 or later.
Update Ideagen DevonWay to version 2.62 LTS or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ideagen Devonway