7.8.4

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-04	CVE-2024-2166	Cross-site Scripting vulnerability in Forcepoint Email Security Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Email Security (Real Time Monitor modules) allows Reflected XSS.This issue affects Email Security: before 8.5.5 HF003. network low complexity forcepoint CWE-79	6.1
2022-09-12	CVE-2022-1700	XXE vulnerability in Forcepoint products Improper Restriction of XML External Entity Reference ('XXE') vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP), which is also leveraged by Forcepoint One Endpoint (F1E), Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20, 2022. network low complexity forcepoint CWE-611 critical	9.8
2021-04-08	CVE-2020-6590	XXE vulnerability in Forcepoint products Forcepoint Web Security Content Gateway versions prior to 8.5.4 improperly process XML input, leading to information disclosure. network low complexity forcepoint CWE-611	7.5