Filtered by vendor Quest
Subscriptions
Filtered by product Policy Authority For Unified Communications
Subscriptions
Total
13 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-35727 | 1 Quest | 1 Policy Authority For Unified Communications | 2024-11-21 | 5.4 Medium |
| Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the BrowseDirs.do file via the title parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2020-35726 | 1 Quest | 1 Policy Authority For Unified Communications | 2024-11-21 | 6.1 Medium |
| Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the /WebCM/Applications/Reports/index.jsp file via the by parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2020-35725 | 1 Quest | 1 Policy Authority For Unified Communications | 2024-11-21 | 6.1 Medium |
| Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the /WebCM/index.jsp file via the msg parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2020-35724 | 1 Quest | 1 Policy Authority For Unified Communications | 2024-11-21 | 5.4 Medium |
| Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the Error.jsp file via the err parameter (or indirectly via the cpr, tcp, or abs parameter). NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2020-35723 | 1 Quest | 1 Policy Authority For Unified Communications | 2024-11-21 | 5.4 Medium |
| Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the ReportPreview.do file via the referer parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2020-35722 | 1 Quest | 1 Policy Authority For Unified Communications | 2024-11-21 | 6.5 Medium |
| CSRF in Web Compliance Manager in Quest Policy Authority 8.1.2.200 allows remote attackers to force user modification/creation via a specially crafted link to the submitUser.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2020-35721 | 1 Quest | 1 Policy Authority For Unified Communications | 2024-11-21 | 5.4 Medium |
| Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the BrowseAssets.do file via the title parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2020-35720 | 1 Quest | 1 Policy Authority For Unified Communications | 2024-11-21 | 5.4 Medium |
| Stored XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to store malicious code in multiple fields (first name, last name, and logon name) when creating or modifying a user via the submitUser.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2020-35719 | 1 Quest | 1 Policy Authority For Unified Communications | 2024-11-21 | 6.1 Medium |
| Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the /WebCM/Applications/Search/index.jsp file via the added parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2020-35206 | 1 Quest | 1 Policy Authority For Unified Communications | 2024-11-21 | 6.1 Medium |
| Reflected XSS in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the cConn.jsp file via the ur parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2020-35205 | 1 Quest | 1 Policy Authority For Unified Communications | 2024-11-21 | 9.8 Critical |
| Server Side Request Forgery (SSRF) in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to scan internal ports and make outbound connections via the initFile.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2020-35204 | 1 Quest | 1 Policy Authority For Unified Communications | 2024-11-21 | 6.1 Medium |
| Reflected XSS in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the PolicyAuthority/Common/FolderControl.jsp file via the unqID parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2020-35203 | 1 Quest | 1 Policy Authority For Unified Communications | 2024-11-21 | 6.1 Medium |
| Reflected XSS in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the initFile.jsp file via the msg parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
Page 1 of 1.