Pulse Connect Secure 8.3R1 has CSRF in logout.cgi. The logout function of the admin panel is not protected by any CSRF tokens, thus allowing an malicious user to logout a user by making them visit a malicious web page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pulsesecure pulse connect secure 8.3r1.0 |