DLP ePO extension - Cross-site request forgery
CVE-2020-7304
7.6HIGH
What is CVE-2020-7304?
Cross site request forgery vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attacker to embed a CRSF script via adding a new label.
Affected Version(s)
DLP ePO extension 11.3 < 11.3.28
DLP ePO extension 11.4 < 11.4.200
DLP ePO extension 11.5 < 11.5.3