CVE-2017-11195

Published: Jul 12, 2017Modified: May 13, 2026

6.1

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.8 / Impact: 2.7

Source: NVD

Description

Pulse Connect Secure 8.3R1 has Reflected XSS in launchHelp.cgi. The helpLaunchPage parameter is reflected in an IFRAME element, if the value contains two quotes. It properly sanitizes quotes and tags, so one cannot simply close the src with a quote and inject after that. However, an attacker can use javascript: or data: to abuse this.

Affected (1)

Products: Pulsesecure: Pulse Connect Secure

1 product

Pulse Connect Secure

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Pulsesecure Pulse Connect Secure	Version 8.3r1.0

Related CWEs

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (6)

http://www.securityfocus.com/bid/99615

Source: cve@mitre.org

http://www.sxcurity.pro/Multiple%20XSS%20and%20CSRF%20in%20Pulse%20Connect%20Secure%20v8.3R1.pdf

Source: cve@mitre.org

Third Party Advisory

https://twitter.com/sxcurity/status/884556905145937921

Source: cve@mitre.org

Third Party Advisory

http://www.securityfocus.com/bid/99615

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.sxcurity.pro/Multiple%20XSS%20and%20CSRF%20in%20Pulse%20Connect%20Secure%20v8.3R1.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://twitter.com/sxcurity/status/884556905145937921

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.