Quest Policy Authority for Unified Communications 8.1.2.200
Approved changes feed: RSS · Atom
cpe:2.3:a:quest:policy_authority_for_unified_communications:8.1.2.200:*:*:*:*:*:*:*
part: a version: 8.1.2.200 update: *
| Vendor | Quest (91a9bf17-30f5-5671-ad35-2f5777bc4995) |
|---|---|
| Product | Policy Authority For Unified Communications (6a2fa1f1-db93-53c3-a74d-bec053cf5815) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-35727 |
vulnerable | 2026-06-03 14:42:32.234353 |
Details available
Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the BrowseDirs.do file via the title parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Published: 2021-01-11T02:58:51.000Z
Updated: 2024-08-04T17:09:15.109Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35726 |
vulnerable | 2026-06-03 14:42:32.233959 |
Details available
Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the /WebCM/Applications/Reports/index.jsp file via the by parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Published: 2021-01-11T02:58:31.000Z
Updated: 2024-08-04T17:09:15.140Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35725 |
vulnerable | 2026-06-03 14:42:32.233574 |
Details available
Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the /WebCM/index.jsp file via the msg parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Published: 2021-01-11T02:58:08.000Z
Updated: 2024-11-19T15:08:03.451Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35724 |
vulnerable | 2026-06-03 14:42:32.233196 |
Details available
Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the Error.jsp file via the err parameter (or indirectly via the cpr, tcp, or abs parameter). NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Published: 2021-01-11T02:57:43.000Z
Updated: 2024-08-04T17:09:15.195Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35723 |
vulnerable | 2026-06-03 14:42:32.232899 |
Details available
Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the ReportPreview.do file via the referer parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Published: 2021-01-11T02:57:12.000Z
Updated: 2024-08-04T17:09:15.154Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35722 |
vulnerable | 2026-06-03 14:42:32.232587 |
Details available
CSRF in Web Compliance Manager in Quest Policy Authority 8.1.2.200 allows remote attackers to force user modification/creation via a specially crafted link to the submitUser.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Published: 2021-01-11T02:56:50.000Z
Updated: 2024-08-04T17:09:15.208Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35721 |
vulnerable | 2026-06-03 14:42:32.232183 |
Details available
Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the BrowseAssets.do file via the title parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Published: 2021-01-11T02:56:08.000Z
Updated: 2024-08-04T17:09:15.166Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35720 |
vulnerable | 2026-06-03 14:42:32.231880 |
Details available
Stored XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to store malicious code in multiple fields (first name, last name, and logon name) when creating or modifying a user via the submitUser.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Published: 2021-01-11T02:55:38.000Z
Updated: 2024-08-04T17:09:15.195Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35719 |
vulnerable | 2026-06-03 14:42:32.231547 |
Details available
Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the /WebCM/Applications/Search/index.jsp file via the added parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Published: 2021-01-11T02:55:15.000Z
Updated: 2024-08-04T17:09:15.205Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35206 |
vulnerable | 2026-06-03 14:42:31.699202 |
Details available
Reflected XSS in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the cConn.jsp file via the ur parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Published: 2021-01-11T02:51:30.000Z
Updated: 2024-08-04T17:02:07.099Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35205 |
vulnerable | 2026-06-03 14:42:31.698894 |
Details available
Server Side Request Forgery (SSRF) in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to scan internal ports and make outbound connections via the initFile.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Published: 2021-01-11T02:52:14.000Z
Updated: 2024-08-04T17:02:07.034Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35204 |
vulnerable | 2026-06-03 14:42:31.698568 |
Details available
Reflected XSS in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the PolicyAuthority/Common/FolderControl.jsp file via the unqID parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Published: 2021-01-11T02:53:14.000Z
Updated: 2024-08-04T17:02:07.116Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35203 |
vulnerable | 2026-06-03 14:42:31.698044 |
Details available
Reflected XSS in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the initFile.jsp file via the msg parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Published: 2021-01-11T02:48:16.000Z
Updated: 2024-11-19T15:07:40.039Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.