CVE-2020-8262
EUVD-2020-2913228.10.2020, 13:15
A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| ivanti | connect_secure | 9.1:r1 |
| ivanti | connect_secure | 9.1:r2 |
| ivanti | connect_secure | 9.1:r3 |
| ivanti | connect_secure | 9.1:r4 |
| ivanti | connect_secure | 9.1:r5 |
| ivanti | connect_secure | 9.1:r6 |
| ivanti | connect_secure | 9.1:r7 |
| ivanti | connect_secure | 9.1:r8 |
| ivanti | policy_secure | 9.1:r1 |
| ivanti | policy_secure | 9.1:r2 |
| ivanti | policy_secure | 9.1:r3 |
| ivanti | policy_secure | 9.1:r4 |
| ivanti | policy_secure | 9.1:r5 |
| ivanti | policy_secure | 9.1:r6 |
| ivanti | policy_secure | 9.1:r7 |
| ivanti | policy_secure | 9.1:r8 |
| pulsesecure | pulse_connect_secure | 𝑥 < 9.1 |
| pulsesecure | pulse_policy_secure | 𝑥 < 9.1 |
𝑥
= Vulnerable software versions