A cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote malicious user to potentially obtain access to an ePO administrator's session by convincing the malicious user to click on a carefully crafted link. This would lead to limited ability to alter some information in ePO due to the area of the User Interface the vulnerability is present in.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mcafee epolicy orchestrator 5.10.0 |
||
mcafee epolicy orchestrator |