Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Pulse Connect Secure 8.3R1 has Reflected XSS in adminservercacertdetails.cgi. In the admin panel, the certid parameter of adminservercacertdetails.cgi is reflected in the application's response and is not properly sanitized, allowing an attacker to inject tags. An attacker could come up with clever payloads to make the system run commands such as ping, ping6, traceroute, nslookup, arp, etc.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Pulse Connect Secure 跨站脚本漏洞
Vulnerability Description
Pulse Connect Secure(又名PCS,前称Juniper Junos Pulse)是美国Pulse Secure公司的一套SSL VPN解决方案。 PCS 8.3R1版本中的adminservercacertdetails.cgi文件存在跨站脚本漏洞。远程攻击者可利用该漏洞注入标签,执行命令。
CVSS Information
N/A
Vulnerability Type
N/A