Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Pulse Connect Secure 8.3R1 has CSRF in logout.cgi. The logout function of the admin panel is not protected by any CSRF tokens, thus allowing an attacker to logout a user by making them visit a malicious web page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Pulse Connect Secure 跨站请求伪造漏洞
Vulnerability Description
Pulse Connect Secure(又名PCS,前称Juniper Junos Pulse)是美国Pulse Secure公司的一套SSL VPN解决方案。 PCS 8.3R1版本中的logout.cgi文件中存在跨站请求伪造漏洞,该漏洞源于程序没有使用跨站请求伪造令牌保护管理员面板。远程攻击者可通过诱使用户访问恶意的Web页面利用该漏洞注销用户。
CVSS Information
N/A
Vulnerability Type
N/A