Pulse Connect Secure Admin Web Interface XXE Vulnerability

Pulse Connect Secure Admin Web Interface XXE Vulnerability

CVE-2020-8256 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to gain arbitrary file reading access through Pulse Collaboration via XML External Entity (XXE) vulnerability.

Learn more about our Web App Pen Testing.