Pulse Secure Pulse Connect Secure (PCS) 8.3.x before 8.3R7.1 and 9.0.x before 9.0R3 contain a reflected cross-site scripting caused by insufficient sanitization on the Application Launcher page, letting attackers execute scripts in the context of the affected page, exploit requires victim to visit a malicious link.
id: CVE-2019-11507
info:
name: Pulse Secure Pulse Connect Secure - Cross-Site Scripting (Reflecte
...