A cross site scripting issue has been found in the Pulse Connect Secure and Pulse Policy Secure PCS/PPS products. The problem is a result of incorrect user input validation on the PCS/PPS web server. The issue exists within a web page that is only accessible by an authenticated administrator session.
Pulse Secure security team is not aware of any malicious exploitation of this vulnerability.
No other Pulse Secure products or platforms are affected by this issue.
This issue has been assigned CVE-2014-3820