CVE-2019-13080: XSS
First published: Wed Nov 06 2019(Updated: )
Quest KACE Systems Management Appliance Server Center 9.1.317 has an XSS vulnerability (via an SVG image and HTML file) that allows an authenticated user to execute arbitrary JavaScript in an administrator's browser.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Quest KACE Systems Management Appliance | =9.1.317 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-13080?
CVE-2019-13080 is an XSS vulnerability in Quest KACE Systems Management Appliance Server Center 9.1.317.
How does CVE-2019-13080 affect Quest KACE Systems Management Appliance?
CVE-2019-13080 allows an authenticated user to execute arbitrary JavaScript in an administrator's browser.
What is the severity of CVE-2019-13080?
CVE-2019-13080 has a severity rating of medium (5.4).
How can I fix CVE-2019-13080?
A patch or update provided by Quest for KACE Systems Management Appliance version 9.1.317 is required to fix CVE-2019-13080.
Where can I find more information about CVE-2019-13080?
More information about CVE-2019-13080 can be found on the Quest support website and the official Quest product page.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/quest
- canonical/quest kace systems management appliance
- version/quest kace systems management appliance/9.1.317