2 matches found
SA40771 - 2017-07 Security Bulletin: Pulse Connect Secure (PCS) / Pulse Policy Secure (PPS): Cross Site Scripting Issue
Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Multiple cross site scripting issues has been found in the Pulse Connect Secure / Pulse Policy Secure device. The cause of this issue is due to incorrect validation of user input sent t...
CVE-2017-11194
Pulse Connect Secure 8.3R1 is affected by CVE-2017-11194: a reflected XSS in adminservercacertdetails.cgi where the certid parameter is reflected without proper sanitization, enabling crafted payloads that can inject HTML/tags and may lead to command-like actions in the user’s browser. The issue ...