Quest KACE SMA /common/run_cross_report.php 'fmt' XSS

Short Info

Level

Medium

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

23 days 16 hours

Scan only one

Domain, Subdomain, IPv4

Toolbox

-

The 'fmt' parameter of the '/common/run_cross_report.php' script in the the Quest KACE System Management Appliance 8.0.318 is vulnerable to cross-site scripting.

References:

https://nvd.nist.gov/vuln/detail/CVE-2018-11133
https://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilities

Get started to protecting your digital assets

Start trial See the plans

Quest KACE SMA /common/run_cross_report.php 'fmt' XSS

Short Info

-

Detail

Category