A reflected cross-site scripting (XSS) vulnerability in ePO before 5.10 Update 14 allows a remote unauthenticated malicious user to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted link. This would lead to limited access to sensitive information and limited ability to alter some information in ePO.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mcafee epolicy orchestrator 5.10.0 |
||
mcafee epolicy orchestrator |