Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows administrators to inject arbitrary web script or HTML via the configuration wizard.
References
Link | Resource |
---|---|
https://kc.mcafee.com/corporate/index?page=content&id=SB10335 | Broken Link Vendor Advisory |
https://kc.mcafee.com/corporate/index?page=content&id=SB10335 | Broken Link Vendor Advisory |
Configurations
History
21 Nov 2024, 05:37
Type | Values Removed | Values Added |
---|---|---|
References | () https://kc.mcafee.com/corporate/index?page=content&id=SB10335 - Broken Link, Vendor Advisory |
16 Nov 2023, 02:18
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-79 | |
References | () https://kc.mcafee.com/corporate/index?page=content&id=SB10335 - Broken Link, Vendor Advisory |
07 Nov 2023, 03:26
Type | Values Removed | Values Added |
---|---|---|
CWE | ||
References | () https://kc.mcafee.com/corporate/index?page=content&id=SB10335 - |
Information
Published : 2020-11-12 10:15
Updated : 2024-11-21 05:37
NVD link : CVE-2020-7333
Mitre link : CVE-2020-7333
CVE.ORG link : CVE-2020-7333
JSON object : View
Products Affected
mcafee
- endpoint_security
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')