Cross-Site Scripting Vulnerability in McAfee Email and Web Security and Email Gateway
CVE-2012-4597

Currently unrated

Key Information:

Vendor: Mcafee
Status: Email And Web Security; Email Gateway
Vendor: CVE Published:; 22 August 2012

Summary

A cross-site scripting (XSS) vulnerability exists in specific versions of McAfee Email and Web Security and McAfee Email Gateway. This vulnerability enables remote attackers to execute arbitrary web scripts or HTML by exploiting the management console/dashboards of the McAfee Security Appliance. Successful exploitation may lead to unauthorized actions and compromise the security integrity of affected systems.

References

http://www.securitytracker.com/id?1027444

vdb-entryx_refsource_SECTRACK

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/77979

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Aug 22, 2012
Vulnerability Reserved
Aug 22, 2012