Cross site scripting

2021-10-2211:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

22.9%

JSON

Stored Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 11 allows ePO administrators to inject arbitrary web script or HTML via multiple parameters where the administrator’s entries were not correctly sanitized.

CPENameOperatorVersion
epolicy_orchestratoreq5.10.0 update-1
epolicy_orchestratoreq5.10.0 update-2
epolicy_orchestratoreq5.10.0 update-3
epolicy_orchestratoreq5.10.0 update-4
epolicy_orchestratoreq5.10.0 update-5
epolicy_orchestratoreq5.10.0 update-6
epolicy_orchestratoreq5.10.0
epolicy_orchestratorlt5.10.0
epolicy_orchestratoreq5.10.0 update-7
epolicy_orchestratoreq5.10.0 update-8

Name	Operator	Version
epolicy_orchestrator	eq	5.10.0 update-1
epolicy_orchestrator	eq	5.10.0 update-2
epolicy_orchestrator	eq	5.10.0 update-3
epolicy_orchestrator	eq	5.10.0 update-4
epolicy_orchestrator	eq	5.10.0 update-5
epolicy_orchestrator	eq	5.10.0 update-6
epolicy_orchestrator	eq	5.10.0
epolicy_orchestrator	lt	5.10.0
epolicy_orchestrator	eq	5.10.0 update-7
epolicy_orchestrator	eq	5.10.0 update-8

Rows per page:

1-10 of 121

References

kc.mcafee.com/corporate/index?page=content&id=SB10366

0.001 Low

EPSS

Percentile

22.9%

JSON

Related for PRION:CVE-2021-31834