CVE-2019-13080

medium

Description

Quest KACE Systems Management Appliance Server Center 9.1.317 has an XSS vulnerability (via an SVG image and HTML file) that allows an authenticated user to execute arbitrary JavaScript in an administrator's browser.

References

https://www.quest.com/products/kace-systems-management-appliance/

https://support.quest.com/kb/311388/quest-response-to-certezza-vulnerability-report

Details

Source: Mitre, NVD

Published: 2019-11-06

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 5.4

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00403

Detections

Analytics