Vulnerabilities > Forcepoint > Cloud Security Gateway > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-03-29 CVE-2023-26290 Cross-site Scripting vulnerability in Forcepoint Cloud Security Gateway and web Security
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_reset_request.mhtml modules), Forcepoint Web Security Portal on Hybrid (login_reset_request.mhtml modules) allows Reflected XSS.This issue affects Cloud Security Gateway (CSG): before 03/29/2023; Web Security: before 03/29/2023.
network
low complexity
forcepoint CWE-79
6.1
2023-03-29 CVE-2023-26291 Cross-site Scripting vulnerability in Forcepoint Cloud Security Gateway and web Security
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_form.mhtml modules), Forcepoint Web Security Portal on Hybrid (login_form.mhtml modules) allows Reflected XSS.This issue affects Cloud Security Gateway (CSG): before 03/29/2023; Web Security: before 03/29/2023.
network
low complexity
forcepoint CWE-79
6.1
2023-03-29 CVE-2023-26292 Cross-site Scripting vulnerability in Forcepoint Cloud Security Gateway and web Security
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_submit.mhtml modules), Forcepoint Web Security Portal on Hybrid (login_submit.mhtml modules) allows Reflected XSS.This issue affects Cloud Security Gateway (CSG): before 03/29/2023; Web Security: before 03/29/2023.
network
low complexity
forcepoint CWE-79
6.1