3 matches found
CVE-2020-6590
CVE-2020-6590 affects Forcepoint Web Security Content Gateway versions prior to 8.5.4, where improper processing of XML input leads to information disclosure. The issue is rooted in XML handling (XML input processing) and can be triggered remotely over the network with low attack complexity; no u...
CVE-2022-1700
CVE-2022-1700 is an XXE vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP). The XML parser was configured to allow external entities/DTDs, affecting DLP versions before 8.8.2 and related products: Forcepoint One Endpoint (Policy Engine before 8.8.2), Forcepoint Web Securi...
CVE-2024-2166
CVE-2024-2166 affects Forcepoint Email Security (Real Time Monitor modules). Root cause: improper neutralization of input during web page generation, leading to a reflected cross-site scripting (XSS) vulnerability. Affected product version: Email Security prior to 8.5.5 HF003. CVSS details from N...