Lucene search
K

4 matches found

Ivanti
Ivanti
added 2023/02/14 7:22 a.m.7 views

SA43018 - 2018-01 Out-Of-Cycle Advisory: Pulse Connect Secure (PCS) / Pulse Policy Secure (PPS): Cross Site Scripting Issue

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. A cross site scripting issue with custompage.cgi has been found in the Pulse Connect Secure / Pulse Policy Secure device. The cause is due to one of the URL parameters not sanitized. Th...

4.8CVSS6AI score0.00503EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/02/08 12:0 a.m.19 views

Pulse Policy Secure Cross-Site Scripting Vulnerability (SA43018)

According to its self-reported version, the version of Pluse Policy Secure running on the remote host is affected by a cross-site scripting vulnerability in custompage.cgi. Refer to the vendor advisory for additional information. C Tenable Network Security, Inc. include"compat.inc"; if descriptio...

4.8CVSS5.3AI score0.00503EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/01/16 9:0 p.m.18 views

CVE-2017-17947

A cross site scripting issue has been found in custompage.cgi in Pulse Secure Pulse Connect Secure PCS before 8.0R17.0, 8.1.x before 8.1R13, 8.2.x before 8.2R9, and 8.3.x before 8.3R3 and Pulse Policy Secure PPS before 5.2R10, 5.3.x before 5.3R9, and 5.4.x before 5.4R3 due to one of the URL...

4.8AI score0.00503EPSS
Exploits0References1
CVE
CVE
added 2018/01/16 9:0 p.m.62 views

CVE-2017-17947

CVE-2017-17947 is a cross-site scripting vulnerability in Pulse Secure’s Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) affecting custompage.cgi. The issue arises from one unsanitized URL parameter, enabling injected script when the attacker is authenticated as an administrator; it does...

4.8CVSS4.8AI score0.00503EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder