CVE-2018-20807
published 2019-06-28CVE-2018-20807: An XSS issue has been found in welcome.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1.x before 8.1R12, 8.2.x before 8.2R9, and 8.3.x before 8.3R3 due to…
PriorityP425medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
EPSS
1.60%
72.8th percentile
An XSS issue has been found in welcome.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1.x before 8.1R12, 8.2.x before 8.2R9, and 8.3.x before 8.3R3 due to one of the URL parameters not being sanitized properly.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | connect_secure | — | — |
| ivanti | connect_secure | — | — |
| ivanti | connect_secure | — | — |
CVSS provenance
nvdv3.06.1MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ivanti
Ivanti Security Advisory: CVE-2018-20807
vendor_ivanti·2019-06-28·CVSS 6.1
CVE-2018-20807 [MEDIUM] CWE-79 Ivanti Security Advisory: CVE-2018-20807
Ivanti Security Advisory: CVE-2018-20807
An XSS issue has been found in welcome.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1.x before 8.1R12, 8.2.x before 8.2R9, and 8.3.x before 8.3R3 due to one of the URL parameters not being sanitized properly.
CVE IDs: CVE-2018-20807
CVSS Base Score: 6.1
Severity: MEDIUM
CWEs: CWE-79
GHSA
GHSA-7xqg-h9pv-h2hr: An XSS issue has been found in welcome
ghsa_unreviewed·2022-05-24
CVE-2018-20807 [MEDIUM] CWE-79 GHSA-7xqg-h9pv-h2hr: An XSS issue has been found in welcome
An XSS issue has been found in welcome.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1.x before 8.1R12, 8.2.x before 8.2R9, and 8.3.x before 8.3R3 due to one of the URL parameters not being sanitized properly.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-06-28
Published