An XSS issue was found with Psaldownload.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.3R2 before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2. This is not applicable to PCS 8.1RX or PPS 5.2RX.
References
| Link | Resource |
|---|---|
| http://www.securityfocus.com/bid/109033 | |
| https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
27 Feb 2024, 21:04
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:ivanti:connect_secure:8.3:r1:*:*:*:*:*:* | |
| First Time |
Ivanti connect Secure
Ivanti |
Information
Published : 2019-06-28 18:15
Updated : 2024-02-28 17:08
NVD link : CVE-2018-20814
Mitre link : CVE-2018-20814
CVE.ORG link : CVE-2018-20814
JSON object : View
Products Affected
pulsesecure
- pulse_policy_secure
ivanti
- connect_secure
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')