Vulnerabilities > Proofpoint > Enterprise Protection > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2023-5770 | Inappropriate Encoding for Output Context vulnerability in Proofpoint Enterprise Protection 8.18.6/8.20.0/8.20.2 Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. | 5.4 |
| 2023-11-06 | CVE-2023-5771 | Cross-site Scripting vulnerability in Proofpoint Enterprise Protection Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. | 6.1 |
| 2022-11-17 | CVE-2021-31608 | Unspecified vulnerability in Proofpoint Enterprise Protection Proofpoint Enterprise Protection before 18.8.0 allows a Bypass of a Security Control. | 4.3 |
| 2021-10-13 | CVE-2021-39304 | Unspecified vulnerability in Proofpoint Enterprise Protection 8.12.02107140000 Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass. | 5.0 |
| 2021-05-07 | CVE-2020-14009 | Improper Validation of Integrity Check Value vulnerability in Proofpoint Enterprise Protection 8.14.2 Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules. | 6.8 |
| 2020-01-13 | CVE-2019-19680 | Unspecified vulnerability in Proofpoint Enterprise Protection 8.14.2/8.9.22 A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protection mechanisms (related to extensions, MIME types, virus detection, and journal entries for transmitted files) by sending malformed (not RFC compliant) multipart email. network proofpoint | 6.8 |