{"containers": {"cna": {"affected": [{"product": "Forcepoint Email Security", "vendor": "Forcepoint", "versions": [{"status": "affected", "version": "8.5"}, {"status": "affected", "version": "8.5.3"}]}], "descriptions": [{"lang": "en", "value": "It has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. It is strongly recommended that you apply the relevant hotfix in order to remediate this issue."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-24T16:39:32", "orgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2", "shortName": "forcepoint"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://help.forcepoint.com/security/CVE/CVE-2019-6142.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@forcepoint.com", "ID": "CVE-2019-6142", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Forcepoint Email Security", "version": {"version_data": [{"version_value": "8.5"}, {"version_value": "8.5.3"}]}}]}, "vendor_name": "Forcepoint"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "It has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. It is strongly recommended that you apply the relevant hotfix in order to remediate this issue."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}]}, "references": {"reference_data": [{"name": "https://help.forcepoint.com/security/CVE/CVE-2019-6142.html", "refsource": "CONFIRM", "url": "https://help.forcepoint.com/security/CVE/CVE-2019-6142.html"}]}}}}, "cveMetadata": {"assignerOrgId": "e23ea22c-8c39-4eff-8980-2881e5ae54e2", "assignerShortName": "forcepoint", "cveId": "CVE-2019-6142", "datePublished": "2019-11-05T20:49:15", "dateReserved": "2019-01-11T00:00:00", "dateUpdated": "2022-08-24T16:39:32", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:forcepoint:email_security:8.5:*:*:*:*:*:*:*", "matchCriteriaId": "78E3F701-3818-4F61-9106-39BCE15B28C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:forcepoint:email_security:8.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "F954B655-E3BC-4D8D-8C3B-DFF973568D6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:forcepoint:security_manager:8.5:*:*:*:*:*:*:*", "matchCriteriaId": "B028429B-B847-43FB-8930-2BE4731360FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:forcepoint:security_manager:8.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "7DDE81F6-249B-44E2-85CD-6B15745D4C69", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "It has been reported that XSS is possible in Forcepoint Email Security, versions 8.5 and 8.5.3. It is strongly recommended that you apply the relevant hotfix in order to remediate this issue."}, {"lang": "es", "value": "Ha sido reportado que una vulnerabilidad de tipo XSS es posible en Forcepoint Email Security, versiones 8.5 y 8.5.3. Se recomienda encarecidamente que apliquen un parche en caliente para solucionar este problema."}], "id": "CVE-2019-6142", "lastModified": "2022-10-27T21:11:23.497", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-11-05T21:15:13.823", "references": [{"source": "psirt@forcepoint.com", "tags": ["Vendor Advisory"], "url": "https://help.forcepoint.com/security/CVE/CVE-2019-6142.html"}], "sourceIdentifier": "psirt@forcepoint.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "psirt@forcepoint.com", "type": "Secondary"}]}

{}