Vulnerabilities > Proofpoint > Enterprise Protection > 8.20.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2023-5770 | Inappropriate Encoding for Output Context vulnerability in Proofpoint Enterprise Protection 8.18.6/8.20.0/8.20.2 Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. | 5.4 |
| 2023-11-06 | CVE-2023-5771 | Cross-site Scripting vulnerability in Proofpoint Enterprise Protection Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. | 6.1 |
| 2023-03-08 | CVE-2023-0089 | Code Injection vulnerability in Proofpoint Enterprise Protection The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through 'eval injection'. This affects all versions 8.20.0 and below. | 8.8 |
| 2023-03-08 | CVE-2023-0090 | Code Injection vulnerability in Proofpoint Enterprise Protection The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. | 9.8 |
| 2022-11-17 | CVE-2021-31608 | Unspecified vulnerability in Proofpoint Enterprise Protection Proofpoint Enterprise Protection before 18.8.0 allows a Bypass of a Security Control. | 4.3 |