Quest KACE Systems Management Appliance Server Center 9.1.317 has an XSS vulnerability (via an SVG image and HTML file) that allows an authenticated user to execute arbitrary JavaScript in an administrator's browser.
References
Configurations
History
21 Nov 2024, 04:24
Type | Values Removed | Values Added |
---|---|---|
References | () https://support.quest.com/kb/311388/quest-response-to-certezza-vulnerability-report - Vendor Advisory | |
References | () https://www.quest.com/products/kace-systems-management-appliance/ - Product |
Information
Published : 2019-11-06 15:15
Updated : 2024-11-21 04:24
NVD link : CVE-2019-13080
Mitre link : CVE-2019-13080
CVE.ORG link : CVE-2019-13080
JSON object : View
Products Affected
quest
- kace_systems_management_appliance
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')