Forcepoint Email Security versions 8.5 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability

Summary

Forcepoint Email Security versions 8.5 suffers from improper neutralization of input during web page generation (‘Cross-site Scripting’) vulnerability

 

 

 

 

 

 

 

 

 

 

 

Credit:

The information has been provided by Jacek Lipkowski

The original article can be found at:https://support.forcepoint.com/KBArticle?id=000017691

 


Details

It has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. It is strongly recommended that you apply the relevant hotfix in order to remediate this issue.

 

Vulnerable Systems:

Forcepoint Email Security versions 8.5 

Forcepoint Email Security versions 8.5.3

 

CVE Information:

CVE-2019-6142

 

Disclosure Timeline:
Published Date:11/5/2019