CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-44030

MEDIUM
6.1
CVSS Severity Score
EPSS Score0.0970%
EPSS Percentile3.98th
Published2021年12月22日
Last Modified2024年11月21日

Vulnerability Description

Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlPrefilter method of jQuery.

Affected Platforms (CPE)

📦
Quest

Kace Desktop Authority

>= 10.0 and < 11.2

References & Advisories

🔗 https://support.quest.com/kace-desktop-authority/kb/336098/quest-response-to-desktop-authority-vulnerabilities-prior-to-11-2
🔗 https://support.quest.com/kace-desktop-authority/kb/336098/quest-response-to-desktop-authority-vulnerabilities-prior-to-11-2

相關漏洞威脅

CVE-2021-440299.8

An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code th...

CVE-2021-440319.8

An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Insertim...

CVE-2021-440285.5

XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacke...

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.