Cross-Site Scripting Vulnerability in McAfee Network Data Loss Prevention
CVE-2017-3933
5.4MEDIUM
What is CVE-2017-3933?
A cross-site scripting (XSS) vulnerability exists in McAfee Network Data Loss Prevention (NDLP) 9.3.x, permitting remote authenticated users to execute scripted inputs in HTTP headers. This flaw can be exploited via cross-site request forgery, resulting in unauthorized access to confidential information. Proper security protocols and regular updates are essential to mitigate this risk.
Affected Version(s)
Network Data Loss Prevention 9.3.X