Cross-Site Scripting Vulnerability in McAfee Data Loss Prevention Endpoint
CVE-2015-1617

Currently unrated

Key Information:

Vendor: Mcafee
Status: Data Loss Prevention Endpoint
Vendor: CVE Published:; 17 February 2015

Summary

A cross-site scripting vulnerability exists in the ePO extension of McAfee's Data Loss Prevention Endpoint prior to version 9.3.400, enabling authenticated remote users to inject arbitrary web scripts or HTML through unspecified vectors. This flaw poses significant security risks as it can lead to unauthorized actions on behalf of users, potentially compromising sensitive data.

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Feb 17, 2015