Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlPrefilter method of jQuery.
References
Configurations
Information
Published : 2021-12-21 22:15
Updated : 2021-12-27 09:04
NVD link : CVE-2021-44030
Mitre link : CVE-2021-44030
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
quest
- kace_desktop_authority