CVE-2018-20814
published 2019-06-28CVE-2018-20814: An XSS issue was found with Psaldownload.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.3R2 before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2…
PriorityP424medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
EPSS
1.59%
72.6th percentile
An XSS issue was found with Psaldownload.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.3R2 before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2. This is not applicable to PCS 8.1RX or PPS 5.2RX.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | connect_secure | — | — |
| pulsesecure | pulse_policy_secure | — | — |
CVSS provenance
nvdv3.06.1MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ivanti
Ivanti Security Advisory: CVE-2018-20814
vendor_ivanti·2019-06-28·CVSS 6.1
CVE-2018-20814 [MEDIUM] CWE-79 Ivanti Security Advisory: CVE-2018-20814
Ivanti Security Advisory: CVE-2018-20814
An XSS issue was found with Psaldownload.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.3R2 before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2. This is not applicable to PCS 8.1RX or PPS 5.2RX.
CVE IDs: CVE-2018-20814
CVSS Base Score: 6.1
Severity: MEDIUM
CWEs: CWE-79
GHSA
GHSA-85p7-7gxf-f79f: An XSS issue was found with Psaldownload
ghsa_unreviewed·2022-05-24
CVE-2018-20814 [MEDIUM] CWE-79 GHSA-85p7-7gxf-f79f: An XSS issue was found with Psaldownload
An XSS issue was found with Psaldownload.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.3R2 before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2. This is not applicable to PCS 8.1RX or PPS 5.2RX.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-06-28
Published