Vulnerabilities > Forcepoint > Email Security > 8.1

DATE CVE VULNERABILITY TITLE RISK
2024-09-04 CVE-2024-2166 Cross-site Scripting vulnerability in Forcepoint Email Security
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Email Security (Real Time Monitor modules) allows Reflected XSS.This issue affects Email Security: before 8.5.5 HF003.
network
low complexity
forcepoint CWE-79
6.1
6.1
2022-09-12 CVE-2022-1700 XXE vulnerability in Forcepoint products
Improper Restriction of XML External Entity Reference ('XXE') vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP), which is also leveraged by Forcepoint One Endpoint (F1E), Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20, 2022.
network
low complexity
forcepoint CWE-611
critical
 9.8
9.8
2021-04-08 CVE-2020-6590 XXE vulnerability in Forcepoint products
Forcepoint Web Security Content Gateway versions prior to 8.5.4 improperly process XML input, leading to information disclosure.
network
low complexity
forcepoint CWE-611
7.5
7.5