← volver
CVE-2020-35727

CVE-2020-35727

EPSS 1.3%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 1.3%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
11 ene 2021Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the BrowseDirs.do file via the title parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://clandestinelabs.io/security-advisories/advisory-multiple-vulnerabilities-in-quest-policy-authority-for-unified-communicationshttps://un4gi.io/blog/multiple-vulnerabilities-in-quest-policy-authority-for-unified-communications