Cross-Site Scripting (XSS) Vulnerability in Quest KACE Desktop Authority before 11.2

Cross-Site Scripting (XSS) Vulnerability in Quest KACE Desktop Authority before 11.2

CVE-2021-44030 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlPrefilter method of jQuery.

Learn more about our Cis Benchmark Audit For Desktop Software.