CVE-2018-20306 is a vulnerability in Pulse Secure Virtual Traffic Manager
Published on December 20, 2018

A stored cross-site scripting (XSS) vulnerability in the web administration user interface of Pulse Secure Virtual Traffic Manager may allow a remote authenticated attacker to inject web script or HTML via a crafted website and steal sensitive data and credentials. Affected releases are Pulse Secure Virtual Traffic Manager 9.9 versions prior to 9.9r2 and 10.4r1.

NVD

Products Associated with CVE-2018-20306

Want to know whenever a new CVE is published for Pulse Secure Virtual Traffic Manager? stack.watch will email you.

Pulse Secure Virtual Traffic Manager

Exploit Probability

EPSS

0.18%

Percentile

39.79%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-20306 is a vulnerability in Pulse Secure Virtual Traffic ManagerPublished on December 20, 2018

Products Associated with CVE-2018-20306

Exploit Probability

CVE-2018-20306 is a vulnerability in Pulse Secure Virtual Traffic Manager
Published on December 20, 2018