Remote Injection of Arbitrary Web Script or HTML in Quest KACE Systems Management Appliance (SMA) through 12.1

Remote Injection of Arbitrary Web Script or HTML in Quest KACE Systems Management Appliance (SMA) through 12.1

CVE-2022-38220 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

An XSS vulnerability exists within Quest KACE Systems Management Appliance (SMA) through 12.1 that may allow remote injection of arbitrary web script or HTML.

Learn more about our Web App Pen Testing.