13 matches found
CVE-2020-35720
Stored XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to store malicious code in multiple fields first name, last name, and logon name when creating or modifying a user via the submitUser.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the...
CVE-2020-35719
Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the /WebCM/Applications/Search/index.jsp file via the added parameter. NOTE: This vulnerability only affects products that are no longer supported by...
CVE-2020-35204
Reflected XSS in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the PolicyAuthority/Common/FolderControl.jsp file via the unqID parameter. NOTE: This vulnerability only affects products that are no longer support...
PT-2021-11721 · Quest · Quest Policy Authority
Name of the Vulnerable Software and Affected Versions: Quest Policy Authority version 8.1.2.200 Description: The issue allows attackers to inject malicious code into the browser via a specially crafted link to the "initFile.jsp" file using the msg parameter. This affects products that are no long...
PT-2021-11723 · Quest · Quest Policy Authority
Name of the Vulnerable Software and Affected Versions: Quest Policy Authority version 8.1.2.200 Description: The issue allows attackers to perform Server Side Request Forgery SSRF in the Web Compliance Manager component, enabling them to scan internal ports and make outbound connections via the...
PT-2021-11836 · Quest · Quest Policy Authority
Name of the Vulnerable Software and Affected Versions: Quest Policy Authority version 8.1.2.200 Description: The issue allows remote attackers to inject malicious code into the browser via a specially crafted link to the "Error.jsp" file. This can be achieved directly via the err parameter or...
PT-2021-11831 · Quest · Quest Policy Authority
Name of the Vulnerable Software and Affected Versions: Quest Policy Authority version 8.1.2.200 Description: The issue allows remote attackers to inject malicious code into the browser via a specially crafted link to the "/WebCM/Applications/Search/index.jsp" file via the added parameter. This...
PT-2021-11722 · Quest · Quest Policy Authority
Name of the Vulnerable Software and Affected Versions: Quest Policy Authority version 8.1.2.200 Description: The issue allows attackers to inject malicious code into the browser via a specially crafted link to the "PolicyAuthority/Common/FolderControl.jsp" file using the unqID parameter. This...
Quest Policy Authority Cross-Site Scripting Vulnerability
Quest Software Policy Authority For Unified Communications is a software from Quest Software, Inc. that is used in enterprise environments to consolidate communication data text and instant messaging, videoconferencing, email and voicemail between various media. A cross-site scripting vulnerabili...
Quest Policy Authority For Unified Communications Cross-Site Scripting Vulnerability
Quest Software Policy Authority For Unified Communications is a software from Quest Software, Inc. that is used in enterprise environments to consolidate communication data text and instant messaging, videoconferencing, email and voicemail between various media. A cross-site scripting vulnerabili...
Quest Policy Authority Cross-Site Scripting Vulnerability
Quest Software Policy Authority For Unified Communications is a software from Quest Software, Inc. that is used in enterprise environments to consolidate communication data between various media text and instant messaging, video conferencing, email and voicemail. A cross-site scripting...
Quest Policy Authority For Unified Communications 跨站脚本漏洞
Quest Policy Authority For Unified Communications is a software from Quest, Inc. that is used in corporate environments to consolidate communication data between various media text and instant messaging, video conferencing, email and voicemail. A cross-site scripting vulnerability in Quest Policy...
Quest Policy Authority Cross-Site Scripting Vulnerability
Quest Software Policy Authority For Unified Communications is a software from Quest Software, Inc. that is used in enterprise environments to consolidate communication data text and instant messaging, videoconferencing, email and voicemail between various media. A cross-site scripting vulnerabili...