Security Vulnerabilities fixed in Snagit 20.1.0

description-logoDescription

In TechSmith SnagIt 11.2.1 through 20.0.3, an XML External Entity (XXE) injection issue exists that would allow a local attacker to exfiltrate data under the local Administrator account. In version 19.1.1.2860 Winodws installer XML (WiX) toolset is vulnerable and allows attackers to escalate privileges. And in version 19.1.0.2653 a vulnerability due to the Object Linking and Embedding (OLE) also has escalate privileges vulnerabilities

affected-products-logoAffected Applications

Snagit