Описание
An XSS issue has been found with rd.cgi in Pulse Secure Pulse Connect Secure 8.3RX before 8.3R3 due to improper header sanitization. This is not applicable to 8.1RX.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ivanti:connect_secure:8.3:r1:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:8.3:r2:*:*:*:*:*:*
cpe:2.3:a:ivanti:connect_secure:8.3:r2.1:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.0012
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
An XSS issue has been found with rd.cgi in Pulse Secure Pulse Connect Secure 8.3RX before 8.3R3 due to improper header sanitization. This is not applicable to 8.1RX.
EPSS
Процентиль: 31%
0.0012
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79