CVE-2020-6590

CVE-2020-6590 affects Forcepoint Web Security Content Gateway versions prior to 8.5.4, where improper processing of XML input leads to information disclosure. The issue is rooted in XML handling (XML input processing) and can be triggered remotely over the network with low attack complexity; no u...

CVE-2020-6590

Forcepoint Web Security Content Gateway versions prior to 8.5.4 improperly process XML input, leading to information disclosure...

Forcepoint Web Security Content Gateway 代码问题漏洞

Forcepoint Web Security Content Gateway is an application gateway from Forcepoint, USA. A code issue vulnerability exists in Forcepoint Web Security Content Gateway versions prior to 8.5.4 that stems from incorrectly processing XML input, which can lead to information disclosure...

Forcepoint and Microsoft: Risk-based access control for the remote workforce

This blog post is part of the Microsoft Intelligence Security Association MISA guest blog series. Learn more about MISA here. Adopting cloud-based services as part of an organization’s digital transformation strategy is no longer optional, its a necessity. Last year, only 18 percent of the...

Forcepoint Web Security Cross-Site Scripting Vulnerability

Forcepoint Web Security provides the defenses you need to protect against Advanced Points of Attack APTs in a proxy architecture, with instant threat analysis and forensic reporting at the gateway. A cross-site scripting vulnerability exists in Forcepoint Web Security. The vulnerability stems fro...

Forcepoint WebSecurity 8.5 - Reflective Cross-Site Scripting

Forcepoint WebSecurity 8.5 - Reflective Cross-Site Scripting Exploit Title: Forcepoint WebSecurity 8.5 - Reflective Cross-Site Scripting Exploit Author: Prasenjit Kanti Paul Vendor Homepage: https://www.forcepoint.com/ Software Link: https://www.forcepoint.com/product/cloud-security/web-security...

Forcepoint WebSecurity 8.5 Cross Site Scripting

Exploit Title: Forcepoint WebSecurity 8.5 - Reflective Cross-Site Scripting Exploit Author: Prasenjit Kanti Paul Vendor Homepage: https://www.forcepoint.com/ Software Link: https://www.forcepoint.com/product/cloud-security/web-security Version: Forcepoint Web Security 8.5 Tested on: Windows 7,10...

Forcepoint WebSecurity 8.5 - Reflective Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Forcepoint WebSecurity 8.5 - Reflective Cross-Site Scripting Exploit Author: Prasenjit Kanti Paul Vendor Homepage: https://www.forcepoint.com/ Software Link: https://www.forcepoint.com/product/cloud-security/web-security...

Forcepoint WebSecurity 8.5 - Reflective Cross-Site Scripting

Exploit Title: Forcepoint WebSecurity 8.5 - Reflective Cross-Site Scripting Exploit Author: Prasenjit Kanti Paul Vendor Homepage: https://www.forcepoint.com/ Software Link: https://www.forcepoint.com/product/cloud-security/web-security Version: Forcepoint Web Security 8.5 Tested on: Windows 7,10...

CVE-2019-6146

It has been reported that cross-site scripting XSS is possible in Forcepoint Web Security, version 8.x, via host header injection. CVSSv3.0: 5.3 Medium /AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N...

CVE-2019-6146

It has been reported that cross-site scripting XSS is possible in Forcepoint Web Security, version 8.x, via host header injection. CVSSv3.0: 5.3 Medium /AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N...

Cross site scripting

It has been reported that cross-site scripting XSS is possible in Forcepoint Web Security, version 8.x, via host header injection. CVSSv3.0: 5.3 Medium /AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N...

CVE-2019-6146

It has been reported that cross-site scripting XSS is possible in Forcepoint Web Security, version 8.x, via host header injection. CVSSv3.0: 5.3 Medium /AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N...

CVE-2019-6146

CVE-2019-6146 affects Forcepoint Web Security (version 8.x). The issue is a cross-site scripting (XSS) vulnerability resulting from host header injection in the web application, enabling potential execution of client-side script when a crafted request is processed. The vulnerability is documented...

Stable Channel Update for Desktop

The stable channel has been updated to 79.0.3945.130 for Windows, Mac, and Linux, which will roll out over the coming days/weeks. A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The...

Unspecified Vulnerability in Forcepoint NGFW Security Management Center

Forcepoint NGFW Security Management Center SMC is a Forcepoint product that provides unified, centralized management capabilities for Forcepoint's next-generation firewalls. A security vulnerability exists in Forcepoint NGFW SMC versions prior to 6.5.12 and prior to 6.7.1. An attacker could explo...

CVE-2019-6147

Forcepoint NGFW Security Management Center SMC versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next...

CVE-2019-6147

Forcepoint NGFW Security Management Center SMC versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next...

Design/Logic Flaw

Forcepoint NGFW Security Management Center SMC versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next...

CVE-2019-6147

Forcepoint NGFW Security Management Center SMC versions lower than 6.5.12 or 6.7.1 have a rare issue that in specific circumstances can corrupt the internal configuration database. When the database is corrupted, the SMC might produce an incorrect IPsec configuration for the Forcepoint Next...