True Key (TK) - Cross Site Scripting Exposure
CVE-2018-6682
5.9MEDIUM
Summary
Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earlier allows local users to expose confidential data via a crafted web site.
Affected Version(s)
True Key (TK) x86 4.0.0.0
References
CVSS V3.1
Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
McAfee credits YoKo Kho for reporting this flaw.