1.40.1

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-11	CVE-2022-22571	Cross-site Scripting vulnerability in Ivanti Incapptic Connect An authenticated high privileged user can perform a stored XSS attack due to incorrect output encoding in Incapptic connect and affects all current versions. network ivanti CWE-79	3.5
2022-04-11	CVE-2022-22572	Unspecified vulnerability in Ivanti Incapptic Connect A non-admin user with user management permission can escalate his privilege to admin user via password reset functionality. network low complexity ivanti	8.8