Cross-Site Scripting Vulnerabilities in McAfee IntruShield Security Management System
CVE-2005-2186

Currently unrated

Key Information:

Vendor

Mcafee

Vendor
CVE Published:
11 July 2005

What is CVE-2005-2186?

The McAfee IntruShield Security Management System is susceptible to multiple cross-site scripting (XSS) vulnerabilities which allow remote authenticated users to inject arbitrary web scripts or HTML code. This occurs via the thirdMenuName and resourceName parameters in the SystemEvent.jsp, potentially leading to unauthorized access or manipulation of user sessions. Users are advised to implement immediate measures to mitigate risks associated with these vulnerabilities.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.