2 matches found
CVE-2020-15352
An XML external entity XXE vulnerability in Pulse Connect Secure PCS before 9.1R9 and Pulse Policy Secure PPS before 9.1R9 allows remote authenticated admins to conduct server-side request forgery SSRF attacks via a crafted DTD in an XML request...
CVE-2020-15352
CVE-2020-15352 is an XXE-based SSRF vulnerability in Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) prior to 9.1R9. The issue arises from an XML External Entity in crafted XML requests that remote authenticated admins can abuse to reach server-side resources. Public sources in the conne...