CVE List


Moderate 6.1

** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Web Compliance Manager in Quest Policy Authority version allows attackers to inject malicious code into the browser via a specially crafted link to the cConn.jsp file via the ur parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Published January 11, 2021.

Affected software

Quest Policy Authority For Unified Communications

Reference links

Sign Up for Alerts