257 matches found
CVE-2023-26291
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Cloud Security Gateway CSG Portal on Web Cloud Security Gateway, Email Security Cloud loginform.mhtml modules, Forcepoint Web Security Portal on Hybrid loginform.mhtml modules allows...
CVE-2023-26290
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Cloud Security Gateway CSG Portal on Web Cloud Security Gateway, Email Security Cloud loginresetrequest.mhtml modules, Forcepoint Web Security Portal on Hybrid loginresetrequest.mhtml...
CVE-2023-26290
The CVE describes a Reflected Cross-Site Scripting (XSS) in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway and related Web/Web Security Portal components (login_reset_request.mhtml modules) that could allow an attacker to execute script in a victim’s browser. Root ca...
CVE-2023-26290
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Cloud Security Gateway CSG Portal on Web Cloud Security Gateway, Email Security Cloud loginresetrequest.mhtml modules, Forcepoint Web Security Portal on Hybrid loginresetrequest.mhtml...
PT-2023-20588 · Forcepoint · Forcepoint Web Security +1
Name of the Vulnerable Software and Affected Versions: Forcepoint Cloud Security Gateway CSG versions prior to 03/29/2023 Forcepoint Web Security versions prior to 03/29/2023 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site...
PT-2023-20590 · Forcepoint · Forcepoint Web Security +1
Name of the Vulnerable Software and Affected Versions: Forcepoint Cloud Security Gateway CSG versions prior to 03/29/2023 Forcepoint Web Security versions prior to 03/29/2023 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site...
Forcepoint Cloud Security Gateway 跨站脚本漏洞
Forcepoint Cloud Security Gateway is a converged cloud security service from Forcepoint. A security vulnerability exists in Forcepoint Cloud Security Gateway. An attacker could exploit this vulnerability to conduct reflective cross-site scripting XSS attacks...
Forcepoint Cloud Security Gateway 跨站脚本漏洞
Forcepoint Cloud Security Gateway is a converged cloud security service from Forcepoint. A security vulnerability exists in Forcepoint Cloud Security Gateway. An attacker could exploit this vulnerability to conduct reflective cross-site scripting XSS attacks...
Forcepoint Cloud Security Gateway 跨站脚本漏洞
Forcepoint Cloud Security Gateway is a converged cloud security service from Forcepoint. A security vulnerability exists in Forcepoint Cloud Security Gateway that stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability...
PT-2023-20589 · Forcepoint · Forcepoint Web Security +1
Name of the Vulnerable Software and Affected Versions: Forcepoint Cloud Security Gateway CSG versions before 03/29/2023 Forcepoint Web Security versions before 03/29/2023 Description: The issue is related to improper neutralization of input during web page generation, which allows reflected...
CVE-2022-1700
Improper Restriction of XML External Entity Reference 'XXE' vulnerability in the Policy Engine of Forcepoint Data Loss Prevention DLP, which is also leveraged by Forcepoint One Endpoint F1E, Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20...
CVE-2022-1700
Improper Restriction of XML External Entity Reference 'XXE' vulnerability in the Policy Engine of Forcepoint Data Loss Prevention DLP, which is also leveraged by Forcepoint One Endpoint F1E, Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20...
Xxe
Improper Restriction of XML External Entity Reference 'XXE' vulnerability in the Policy Engine of Forcepoint Data Loss Prevention DLP, which is also leveraged by Forcepoint One Endpoint F1E, Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20...
CVE-2022-1700
Improper Restriction of XML External Entity Reference 'XXE' vulnerability in the Policy Engine of Forcepoint Data Loss Prevention DLP, which is also leveraged by Forcepoint One Endpoint F1E, Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20...
CVE-2022-1700
CVE-2022-1700 is an XXE vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP). The XML parser was configured to allow external entities/DTDs, affecting DLP versions before 8.8.2 and related products: Forcepoint One Endpoint (Policy Engine before 8.8.2), Forcepoint Web Securi...
Forcepoint Data Loss Prevention 代码问题漏洞
Forcepoint Data Loss Prevention Forcepoint DLP is a data loss prevention software from Forcepoint Corporation, USA. A security vulnerability in the Policy Engine component of Forcepoint Data Loss Prevention stems from an incorrectly configured XML parser in the Policy Engine that fails to support...
CVE-2022-27608
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to registry key tampering by users with Administrator privileges. This could result in a user disabling anti-tampering mechanisms which would then allow the user to disable Forcepoint One Endpoint and the...
CVE-2022-27608
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to registry key tampering by users with Administrator privileges. This could result in a user disabling anti-tampering mechanisms which would then allow the user to disable Forcepoint One Endpoint and the...
CVE-2022-27609
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide sufficient anti-tampering protection of services by users with Administrator privileges. This could result in a user disabling Forcepoint One Endpoint and the protection offered by it...
CVE-2022-27609
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide sufficient anti-tampering protection of services by users with Administrator privileges. This could result in a user disabling Forcepoint One Endpoint and the protection offered by it...