Vulnerabilities > Proofpoint > Enterprise Protection > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-01-09 CVE-2023-5770 Inappropriate Encoding for Output Context vulnerability in Proofpoint Enterprise Protection 8.18.6/8.20.0/8.20.2
Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject.
network
low complexity
proofpoint CWE-838
5.4
2023-11-06 CVE-2023-5771 Cross-site Scripting vulnerability in Proofpoint Enterprise Protection
Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI.
network
low complexity
proofpoint CWE-79
6.1
2022-11-17 CVE-2021-31608 Unspecified vulnerability in Proofpoint Enterprise Protection
Proofpoint Enterprise Protection before 18.8.0 allows a Bypass of a Security Control.
network
low complexity
proofpoint
4.3
2021-05-07 CVE-2020-14009 Improper Validation of Integrity Check Value vulnerability in Proofpoint Enterprise Protection 8.14.0/8.14.2
Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules.
network
low complexity
proofpoint CWE-354
6.3