Vulnerabilities > Pulsesecure > Pulse Policy Secure > 5.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-30 | CVE-2020-8217 | Cross-site Scripting vulnerability in multiple products A cross site scripting (XSS) vulnerability in Pulse Connect Secure <9.1R8 allowed attackers to exploit in the URL used for Citrix ICA. | 5.4 |
| 2020-07-30 | CVE-2020-8216 | An information disclosure vulnerability in meeting of Pulse Connect Secure <9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID. | 4.3 |
| 2020-07-30 | CVE-2020-8206 | Improper Authentication vulnerability in multiple products An improper authentication vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP. | 8.1 |
| 2020-07-30 | CVE-2020-8204 | Cross-site Scripting vulnerability in multiple products A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure <9.1R5 on the PSAL Page. | 6.1 |
| 2020-07-27 | CVE-2020-12880 | An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. | 5.5 |
| 2020-04-06 | CVE-2020-11580 | Improper Certificate Validation vulnerability in Pulsesecure Pulse Connect Secure 7.1/7.4 An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. | 6.4 |
| 2019-06-28 | CVE-2018-20809 | Improper Input Validation vulnerability in multiple products A crafted message can cause the web server to crash with Pulse Secure Pulse Connect Secure (PCS) 8.3RX before 8.3R5 and Pulse Policy Secure 5.4RX before 5.4R5. | 7.5 |