Quest Policy Authority For Unified Communications — known CVE vulnerabilities
Every CVE whose affected-product data names Quest Policy Authority For Unified Communications, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2020-35205 — CVSS 9.8 (critical): Server Side Request Forgery (SSRF) in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to scan internal…
CVE-2020-35722 — CVSS 6.5 (medium): CSRF in Web Compliance Manager in Quest Policy Authority 8.1.2.200 allows remote attackers to force user modification/creation via a…
CVE-2020-35725 — CVSS 6.1 (medium): Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted…
CVE-2020-35726 — CVSS 6.1 (medium): Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted…
CVE-2020-35206 — CVSS 6.1 (medium): Reflected XSS in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the…
CVE-2020-35204 — CVSS 6.1 (medium): Reflected XSS in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially…
CVE-2020-35203 — CVSS 6.1 (medium): Reflected XSS in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the…
CVE-2020-35719 — CVSS 6.1 (medium): Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted…
CVE-2020-35727 — CVSS 5.4 (medium): Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted…
CVE-2020-35720 — CVSS 5.4 (medium): Stored XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to store malicious code in multiple fields (first name, last name…
CVE-2020-35721 — CVSS 5.4 (medium): Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted…
CVE-2020-35723 — CVSS 5.4 (medium): Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted…
CVE-2020-35724 — CVSS 5.4 (medium): Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted…