2 matches found
CVE-2017-4015
Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention NDLP 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header...
CVE-2017-4015
CVE-2017-4015 affects McAfee Network Data Loss Prevention (NDLP) 9.3.x. A remote authenticated attacker can hijack the victim’s click actions by sending specially crafted HTTP response headers to inject arbitrary web scripts/HTML. Root cause: improper validation of user-supplied HTTP response hea...