Security Vulnerabilities fixed in Snagit 20.1.0
Description
In TechSmith SnagIt 11.2.1 through 20.0.3, an XML External Entity (XXE) injection issue exists that would allow a local attacker to exfiltrate data under the local Administrator account. In version 19.1.1.2860 Winodws installer XML (WiX) toolset is vulnerable and allows attackers to escalate privileges. And in version 19.1.0.2653 a vulnerability due to the Object Linking and Embedding (OLE) also has escalate privileges vulnerabilities
Affected Applications
Snagit