Exploit for Code Injection in Ivanti Connect_Secure

pulse-gosecure-rce...

CVE-2020-8221

CVE-2020-8221 describes a path traversal weakness in Pulse Connect Secure prior to 9.1R8 that allows an authenticated attacker to read arbitrary files via the administrator web interface. The issue is tied to the Pulse Connect Secure/Policy Secure family (PCS/PPS) with the

PT-2020-6955 · Citrix +1 · Citrix Ica +1

Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure versions prior to 9.1R8 Description: A cross-site scripting XSS issue exists due to insufficient cleaning of user-provided data transmitted through the URL used for Citrix ICA. This allows a remote attacker to conduct an...