Quest

Policy Authority For Unified Communications

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2020-35725

Exploit
  • EPSS 0.38%
  • Veröffentlicht 11.01.2021 03:15:14
  • Zuletzt bearbeitet 21.11.2024 05:27:56

Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the /WebCM/index.jsp file via the msg parameter. NOTE: This vulnerability only affects products that a...

6.1

CVE-2020-35726

Exploit
  • EPSS 0.38%
  • Veröffentlicht 11.01.2021 03:15:14
  • Zuletzt bearbeitet 21.11.2024 05:27:57

Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the /WebCM/Applications/Reports/index.jsp file via the by parameter. NOTE: This vulnerability only aff...

5.4

CVE-2020-35727

Exploit
  • EPSS 0.15%
  • Veröffentlicht 11.01.2021 03:15:14
  • Zuletzt bearbeitet 21.11.2024 05:27:57

Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the BrowseDirs.do file via the title parameter. NOTE: This vulnerability only affects products that ar...

6.1

CVE-2020-35203

Exploit
  • EPSS 0.24%
  • Veröffentlicht 11.01.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:26:57

Reflected XSS in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the initFile.jsp file via the msg parameter. NOTE: This vulnerability only ...

6.1

CVE-2020-35204

Exploit
  • EPSS 0.24%
  • Veröffentlicht 11.01.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:26:57

Reflected XSS in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the PolicyAuthority/Common/FolderControl.jsp file via the unqID parameter. NOTE: This vulnerability o...

9.8

CVE-2020-35205

Exploit
  • EPSS 0.38%
  • Veröffentlicht 11.01.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:26:58

Server Side Request Forgery (SSRF) in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to scan internal ports and make outbound connections via the initFile.jsp file. NOTE: This vulnerability only affects products t...

6.1

CVE-2020-35206

Exploit
  • EPSS 0.24%
  • Veröffentlicht 11.01.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:26:58

Reflected XSS in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the cConn.jsp file via the ur parameter. NOTE: This vulnerability only affe...

6.1

CVE-2020-35719

Exploit
  • EPSS 0.38%
  • Veröffentlicht 11.01.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:27:55

Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the /WebCM/Applications/Search/index.jsp file via the added parameter. NOTE: This vulnerability only a...

5.4

CVE-2020-35720

Exploit
  • EPSS 0.24%
  • Veröffentlicht 11.01.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:27:55

Stored XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to store malicious code in multiple fields (first name, last name, and logon name) when creating or modifying a user via the submitUser.jsp file. NOTE: This vulnerability only aff...

5.4

CVE-2020-35721

Exploit
  • EPSS 0.15%
  • Veröffentlicht 11.01.2021 03:15:13
  • Zuletzt bearbeitet 21.11.2024 05:27:55

Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the BrowseAssets.do file via the title parameter. NOTE: This vulnerability only affects products that ...