Lucene search
TrellixCVELIST:CVE-2020-7317HistoryOct 14, 2020 - 6:20 p.m.
CVE-2020-7317 ePolicy Orchistrator (ePO) - Cross-Site Scripting vulnerability
2020-10-1418:20:21
CWE-79
trellix
www.cve.org
6
mcafee
epolicy orchistrator
cross-site scripting
cve-2020-7317
web script
html
parameter values
sanitization
CVSS3
4.6
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
EPSS
0
Percentile
12.6%
Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for “syncPointList” not being correctly sanitsed.
CNA Affected
[
{
"product": "ePolicy Orchistrator (ePO)",
"vendor": "McAfee",
"versions": [
{
"lessThan": "5.10.9 update 9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2020-10-14 19:15:00
nvd
nvd
CVE-2020-7317
2020-10-14 19:15:14
cve
cve
CVE-2020-7317
2020-10-14 19:15:14
nessus
nessus
McAfee ePolicy Orchestrator Multiple XSS (SB10332)
2021-01-14 00:00:00
CVSS3
4.6
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
EPSS
0
Percentile
12.6%
Related for CVELIST:CVE-2020-7317