Home

CVE-2020-8238

Description

A vulnerability in the authenticated user web interface of Pulse Connect Secure and Pulse Policy Secure < 9.1R8.2 could allow attackers to conduct Cross-Site Scripting (XSS).

Risk Information

Base Score
6.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.131

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r2Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r3Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r4Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r4.1Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r4.2Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r4.3Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r5Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r6Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r7Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r8Windows
Multiple Vulnerabilities are affected in Ivanti Connect Secure 9.1.r8.1Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234