CVE-2023-26290 Information

Description

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway Email Security Cloud (login_reset_request.mhtml modules) Forcepoint Web Security Portal on Hybrid (login_reset_request.mhtml modules) allows Reflected XSS.This issue affects Cloud Security Gateway (CSG): before 03/29/2023; Web Security: before 03/29/2023.

Reference

https://support.forcepoint.com/s/article/000041617