Design/Logic Flaw

2019-11-0615:15:00

PRIOn knowledge base

www.prio-n.com

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

JSON

Quest KACE Systems Management Appliance Server Center 9.1.317 has an XSS vulnerability (via an SVG image and HTML file) that allows an authenticated user to execute arbitrary JavaScript in an administrator’s browser.

CPENameOperatorVersion
kace_systems_management_applianceeq9.1.317

CPE	Name	Operator	Version
	kace_systems_management_appliance	eq	9.1.317

References

support.quest.com/kb/311388/quest-response-to-certezza-vulnerability-report

www.quest.com/products/kace-systems-management-appliance/