mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-24 11:44:02 +02:00
0xMarcio
929 B
929 B
CVE-2020-8256
%20(CWE-611)&color=brightgreen)
Description
A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to gain arbitrary file reading access through Pulse Collaboration via XML External Entity (XXE) vulnerability.
POC
Reference
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588
- https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/