DriveLock Operations Center XSS

CRITICAL (9.6) No Patch (1 day)

Threat Intelligence

Low Risk
EPSS Score: 0.04% chance of exploitation (percentile: 12%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found

What is it?

DriveLock Operations Center is a network management and monitoring tool used by some organizations to manage their network devices. This vulnerability is a cross-site scripting (XSS) flaw in its web interface: an attacker who can inject malicious JavaScript into the interface gets it executed in a victim's browser and can use it to take over that user's session.

Am I affected?

You're affected if you run DriveLock Operations Center at version 25.1.2 or later but earlier than 25.1.5. If you are not sure whether your organization uses DriveLock products, check with your IT department or network administrator.
Version info: 25.1.2 - 25.1.4 (inclusive)
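A small version-range check for triaging an asset inventory against the range above (25.1.2 through 25.1.4 inclusive, i.e. at least 25.1.2 and below 25.1.5). This is an added example, not part of the advisory or DriveLock's tooling; the sample inventory is constructed, and tolerating a leading "v" or a hyphenated build suffix is an assumption about how versions may be recorded, not a statement about DriveLock's version scheme.

```python
# Added example (not from the advisory): classify installed DriveLock Operations
# Center versions against the affected range the advisory states.
from __future__ import annotations

AFFECTED_FROM = "25.1.2"  # first affected release, inclusive (from the advisory)
FIXED_IN = "25.1.5"       # first fixed release, exclusive upper bound (from the advisory)


def parse_version(text: str) -> tuple[int, ...]:
    """Turn a dotted version string such as '25.1.4' into a comparable tuple.

    A leading 'v' and a build suffix after a hyphen (e.g. '25.1.4-hotfix1') are
    tolerated; these are assumptions about inventory formatting, not DriveLock's
    scheme. Non-numeric segments raise ValueError so a malformed entry is never
    silently treated as "not affected".
    """
    core = text.strip().lstrip("vV").split("-", 1)[0]
    return tuple(int(p) for p in core.split("."))


def is_affected(version: str) -> bool:
    """True when AFFECTED_FROM <= version < FIXED_IN.

    Python compares tuples element by element and treats a shorter tuple that is
    a prefix of a longer one as smaller, so '25.1.5.1' sorts above '25.1.5' and
    '25.1.4.2' sorts below it, which is the ordering we want here.
    """
    v = parse_version(version)
    return parse_version(AFFECTED_FROM) <= v < parse_version(FIXED_IN)


def triage(versions: list[str]) -> dict[str, str]:
    """Map each reported version string to 'affected', 'not affected' or 'invalid'."""
    result: dict[str, str] = {}
    for v in versions:
        try:
            result[v] = "affected" if is_affected(v) else "not affected"
        except ValueError:
            result[v] = "invalid"  # needs a human look rather than a guess
    return result


if __name__ == "__main__":
    # Constructed sample inventory, e.g. an export from an asset database.
    inventory = ["25.1.1", "25.1.2", "v25.1.3", "25.1.4-hotfix1",
                 "25.1.5", "25.2.0", "unknown"]
    for version, status in triage(inventory).items():
        print(f"{version:16} {status}")
```

Anything that comes back "invalid" should be resolved by hand: an unparseable version string is not evidence that a host is safe.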

Affected Products

DriveLock / DriveLock Operations Center

How to fix

Upgrade to version 25.1.5 or later; see DriveLock's security bulletin: https://drivelock.help/en/versions/current/web/releasenotes/Content/ReleaseNotes_DriveLock/SecurityBulletins/25-002-CrossSiteScripting.htm
Immediate mitigations:
- Restrict network access to your DriveLock Operations Center instance (firewall it from the public internet)
- Audit session activity for suspicious login patterns
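One concrete way to carry out the session audit above: flag any session identifier that is used from more than one client IP address or browser user agent, which is the typical footprint of a session cookie stolen through XSS and replayed from the attacker's machine. This is an added example, not part of the advisory; the log lines and their key=value layout are constructed for illustration and do not reflect DriveLock's actual log format, so the parser would need adapting to real logs.

```python
# Added example (not from the advisory): detect sessions shared between clients
# in a constructed, generic access-log format.
from __future__ import annotations

import shlex
from dataclasses import dataclass, field

# Constructed sample log. The third line for session a1b2c3 comes from a different
# IP and a non-browser user agent while alice's browser session is still active.
SAMPLE_LOG = """\
2024-06-01T08:00:01Z sid=a1b2c3 user=alice ip=10.0.0.5 ua="Mozilla/5.0 (Windows NT 10.0) Firefox/126.0" path=/login
2024-06-01T08:00:09Z sid=a1b2c3 user=alice ip=10.0.0.5 ua="Mozilla/5.0 (Windows NT 10.0) Firefox/126.0" path=/devices
2024-06-01T08:03:40Z sid=a1b2c3 user=alice ip=203.0.113.77 ua="curl/8.5.0" path=/devices
2024-06-01T08:05:12Z sid=d4e5f6 user=bob ip=10.0.0.9 ua="Mozilla/5.0 (X11; Linux x86_64) Chrome/125.0" path=/login
2024-06-01T08:06:00Z sid=d4e5f6 user=bob ip=10.0.0.9 ua="Mozilla/5.0 (X11; Linux x86_64) Chrome/125.0" path=/reports
"""


@dataclass
class SessionView:
    """Everything observed for one session identifier."""
    user: str
    first_seen: str
    last_seen: str
    ips: set[str] = field(default_factory=set)
    agents: set[str] = field(default_factory=set)


def parse_line(line: str) -> dict[str, str]:
    """Parse 'TIMESTAMP key=value key="quoted value" ...' into a dict.

    shlex.split handles the quoted user agent; the first token is the timestamp.
    """
    tokens = shlex.split(line)
    fields = {"ts": tokens[0]}
    for token in tokens[1:]:
        key, _, value = token.partition("=")
        fields[key] = value
    return fields


def find_shared_sessions(log_text: str) -> dict[str, SessionView]:
    """Return sessions whose id was used from more than one IP or user agent."""
    sessions: dict[str, SessionView] = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        f = parse_line(line)
        view = sessions.setdefault(
            f["sid"], SessionView(user=f["user"], first_seen=f["ts"], last_seen=f["ts"])
        )
        view.ips.add(f["ip"])
        view.agents.add(f["ua"])
        view.last_seen = f["ts"]
    return {sid: v for sid, v in sessions.items()
            if len(v.ips) > 1 or len(v.agents) > 1}


if __name__ == "__main__":
    for sid, view in find_shared_sessions(SAMPLE_LOG).items():
        print(f"session {sid} (user {view.user}) seen from {len(view.ips)} IPs "
              f"and {len(view.agents)} user agents between {view.first_seen} and {view.last_seen}")
        print("  ips:   ", sorted(view.ips))
        print("  agents:", sorted(view.agents))
```

A session that legitimately roams (a laptop switching from office Wi-Fi to VPN) will also trip the IP check, so treat a hit as a lead to investigate and weight a change of user agent more heavily than a change of address; a hit on an administrative session is a reason to invalidate that session server-side and have the user re-authenticate.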

References