Stored Cross-Site Scripting Vulnerability in Proofpoint Enterprise Protection's Admin Smart Search Feature
CVE-2022-46332 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8.19.0 and below.
Learn more about our User Device Pen Test.