Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Proofpoint Enterprise Protection (PPS/PoD) XSS in "Attachment Names"
Vulnerability Description
The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8.19.0 and below.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Proofpoint Enterprise Protection 跨站脚本漏洞
Vulnerability Description
Proofpoint Enterprise Protection是美国Proofpoint公司的一个应用程序。提供了保护电子邮件的功能。 Proofpoint Enterprise Protection (PPS/PoD) 8.19.0版本及之前版本存在安全漏洞,该漏洞源于管理员智能搜索功能包含存储型跨站点脚本漏洞。攻击者利用该漏洞可以获得管理员权限。
CVSS Information
N/A
Vulnerability Type
N/A