| Landesk Management Suite is prone to multiple remote file-include vulnerabilities and a cross-site request-forgery vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information, execute arbitrary script code in the context of the web server process and to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks. |
