CVE-2020-35720 is a vulnerability in Quest Software Policy Authority Unified Communications
Published on January 11, 2021

Stored XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to store malicious code in multiple fields (first name, last name, and logon name) when creating or modifying a user via the submitUser.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

NVD

Products Associated with CVE-2020-35720

Want to know whenever a new CVE is published for Quest Software Policy Authority Unified Communications? stack.watch will email you.

Quest Software Policy Authority Unified Communications

Exploit Probability

EPSS

0.24%

Percentile

46.20%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-35720 is a vulnerability in Quest Software Policy Authority Unified CommunicationsPublished on January 11, 2021

Products Associated with CVE-2020-35720

Exploit Probability

CVE-2020-35720 is a vulnerability in Quest Software Policy Authority Unified Communications
Published on January 11, 2021