{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T11:42:50.919","vulnerabilities":[{"cve":{"id":"CVE-2020-8238","sourceIdentifier":"support@hackerone.com","published":"2020-09-30T18:15:28.990","lastModified":"2024-11-21T05:38:34.047","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the authenticated user web interface of Pulse Connect Secure and Pulse Policy Secure < 9.1R8.2 could allow attackers to conduct Cross-Site Scripting (XSS)."},{"lang":"es","value":"Una vulnerabilidad en la interfaz de usuario web autenticado de Pulse Connect Secure y Pulse Policy Secure versiones anteriores a 9.1R8.2, podrĂ­a permitir a atacantes llevar a cabo un ataque de tipo Cross-Site Scripting (XSS)"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:-:*:*:*:*:*:*","matchCriteriaId":"4F450898-0B06-4073-9B76-BF22F68BD14F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*","matchCriteriaId":"4B21C181-DC49-4EBD-9932-DBB337151FF7"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*","matchCriteriaId":"4FEFC4B1-7350-46F9-80C1-42F5AE06142F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*","matchCriteriaId":"DB7A6D62-6576-4713-9BF4-11068A72E8B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*","matchCriteriaId":"843BC1B9-50CC-4F8F-A454-A0CEC6E92290"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*","matchCriteriaId":"D5355372-03EA-46D7-9104-A2785C29B664"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*","matchCriteriaId":"3DE32A0C-8944-4F51-A286-266055CA4B2F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*","matchCriteriaId":"0349A0CC-A372-4E51-899E-D7BA67876F4B"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*","matchCriteriaId":"93D1A098-BD77-4A7B-9070-A764FB435981"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*","matchCriteriaId":"3CCC2D7B-F835-45EC-A316-2F0C5F2CF565"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*","matchCriteriaId":"AD812596-C77C-4129-982F-C22A25B52126"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*","matchCriteriaId":"9FA0B20D-3FA1-42AE-BDC5-93D8A182927C"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*","matchCriteriaId":"BFFA0B02-7F6D-4434-B1E7-EB8520FD68A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*","matchCriteriaId":"6418A649-3A63-40CC-BD7C-309B3B0B2595"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*","matchCriteriaId":"A07B66E0-A679-4912-8CB1-CD134713EDC7"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*","matchCriteriaId":"6D37A6E4-D58E-444D-AF6A-15461F38E81A"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*","matchCriteriaId":"FC2B9DA0-E32B-4125-9986-F0D3814C66E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*","matchCriteriaId":"C9A5BA3E-D6B3-453D-8DDF-FF16859FD0F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*","matchCriteriaId":"BAFDA618-D15D-401D-AC68-0020259FEC57"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*","matchCriteriaId":"D55AB5F0-132F-4C40-BF4F-684E139B774B"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:*","matchCriteriaId":"26AEB02E-D2D0-4D7A-BB00-9E5112696B17"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*","matchCriteriaId":"6BE937D2-8BEE-4E64-8738-F550EAD00F50"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*","matchCriteriaId":"9C753520-1BC6-4980-AFC9-4C2FDDF2FD18"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*","matchCriteriaId":"AC3863BC-3B9A-402B-A74A-149CDF717EC6"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*","matchCriteriaId":"E3C09D51-FDA0-4D07-87D8-F527C8CBDAFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*","matchCriteriaId":"CCE2E1C0-680F-4EFF-ACE6-A1DAFA209D24"},{"vulnerable":true,"criteria":"cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*","versionEndIncluding":"9.0","matchCriteriaId":"18272F7E-A9BA-4175-B6F6-F7E550D736CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*","versionEndIncluding":"9.0","matchCriteriaId":"B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F"}]}]}],"references":[{"url":"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588","source":"support@hackerone.com","tags":["Vendor Advisory"]},{"url":"https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/","source":"support@hackerone.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}