Vulnerabilities > Quest > Kace Desktop Authority
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-22 | CVE-2021-44028 | XXE vulnerability in Quest Kace Desktop Authority XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an attacker, a related issue to CVE-2018-1285. | 5.5 |
| 2021-12-22 | CVE-2021-44029 | Deserialization of Untrusted Data vulnerability in Quest Kace Desktop Authority An issue was discovered in Quest KACE Desktop Authority before 11.2. | 9.8 |
| 2021-12-22 | CVE-2021-44030 | Cross-site Scripting vulnerability in Quest Kace Desktop Authority Quest KACE Desktop Authority before 11.2 allows XSS because it does not prevent untrusted HTML from reaching the jQuery.htmlPrefilter method of jQuery. | 6.1 |
| 2021-12-22 | CVE-2021-44031 | Unrestricted Upload of File with Dangerous Type vulnerability in Quest Kace Desktop Authority An issue was discovered in Quest KACE Desktop Authority before 11.2. | 9.8 |