Lucene search
TrellixCVELIST:CVE-2020-7303HistoryAug 13, 2020 - 2:55 a.m.
CVE-2020-7303 DLP ePO extension - Cross-site scripting
2020-08-1302:55:13
CWE-79
trellix
www.cve.org
3
mcafee
dlp
xss
vulnerability
epo
extension
CVSS3
4.1
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
AI Score
5
Confidence
High
EPSS
0.001
Percentile
23.6%
Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote user to trigger scripts to run in a user’s browser via adding a new label.
CNA Affected
[
{
"product": "DLP ePO extension",
"vendor": "McAfee",
"versions": [
{
"lessThan": "11.3.28",
"status": "affected",
"version": "11.3",
"versionType": "custom"
},
{
"lessThan": "11.4.200",
"status": "affected",
"version": "11.4",
"versionType": "custom"
},
{
"lessThan": "11.5.3",
"status": "affected",
"version": "11.5",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2020-08-13 03:15:00
nvd
nvd
CVE-2020-7303
2020-08-13 03:15:14
cve
cve
CVE-2020-7303
2020-08-13 03:15:14
nessus
nessus
McAfee Data Loss Prevention ePO extension Multiple Vulnerabilities (SB10326)
2020-08-21 00:00:00
CVSS3
4.1
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
AI Score
5
Confidence
High
EPSS
0.001
Percentile
23.6%
Related for CVELIST:CVE-2020-7303