CVE-2019-13080

Quest KACE Systems Management Appliance Server Center 9.1.317 has an XSS vulnerability (via an SVG image and HTML file) that allows an authenticated user to execute arbitrary JavaScript in an administrator's browser.
Configurations

Configuration 1 (hide)

cpe:2.3:a:quest:kace_systems_management_appliance:9.1.317:*:*:*:*:*:*:*

History

21 Nov 2024, 04:24

Type Values Removed Values Added
References () https://support.quest.com/kb/311388/quest-response-to-certezza-vulnerability-report - Vendor Advisory () https://support.quest.com/kb/311388/quest-response-to-certezza-vulnerability-report - Vendor Advisory
References () https://www.quest.com/products/kace-systems-management-appliance/ - Product () https://www.quest.com/products/kace-systems-management-appliance/ - Product

Information

Published : 2019-11-06 15:15

Updated : 2024-11-21 04:24


NVD link : CVE-2019-13080

Mitre link : CVE-2019-13080

CVE.ORG link : CVE-2019-13080


JSON object : View

Products Affected

quest

  • kace_systems_management_appliance
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')