CyberSec.Space Logo
Back to CVE Browser

CVE-2021-44030

MEDIUM
6.1
CVSS Severity Score
EPSS Score0.0970%
EPSS Percentile3.98th
PublishedDec 22, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlPrefilter method of jQuery.

Affected Platforms (CPE)

📦
Quest

Kace Desktop Authority

>= 10.0 and < 11.2

References & Advisories

🔗 https://support.quest.com/kace-desktop-authority/kb/336098/quest-response-to-desktop-authority-vulnerabilities-prior-to-11-2
🔗 https://support.quest.com/kace-desktop-authority/kb/336098/quest-response-to-desktop-authority-vulnerabilities-prior-to-11-2

Related Vulnerabilities

CVE-2021-440299.8

An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code th...

CVE-2021-440319.8

An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Insertim...

CVE-2021-440285.5

XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacke...

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.