Vulnerabilities > Pulsesecure > Virtual Traffic Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-14 | CVE-2021-31922 | HTTP Request Smuggling vulnerability in Pulsesecure Virtual Traffic Manager An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffic Manager before 21.1 could allow an attacker to smuggle an HTTP request through an HTTP/2 Header. | 7.5 |
| 2018-12-20 | CVE-2018-20307 | Information Exposure vulnerability in Pulsesecure Virtual Traffic Manager 10.4/17.2/9.9 Pulse Secure Virtual Traffic Manager 9.9 versions prior to 9.9r2 and 10.4r1 allow a remote authenticated user to obtain sensitive historical activity information by leveraging incorrect permission validation. | 4.3 |
| 2018-12-20 | CVE-2018-20306 | Cross-site Scripting vulnerability in Pulsesecure Virtual Traffic Manager 10.4/17.2/9.9 A stored cross-site scripting (XSS) vulnerability in the web administration user interface of Pulse Secure Virtual Traffic Manager may allow a remote authenticated attacker to inject web script or HTML via a crafted website and steal sensitive data and credentials. | 5.4 |