3 matches found
CVE-2019-3591
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in ePO extension in McAfee Data Loss Prevention DLPe for Windows 11.x prior to 11.3.0 allows unauthenticated remote user to trigger specially crafted JavaScript to render in the ePO UI via a carefully crafted uploa...
CVE-2019-3591 DLP Endpoint ePO extension vulnerable to XSS
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in ePO extension in McAfee Data Loss Prevention DLPe for Windows 11.x prior to 11.3.0 allows unauthenticated remote user to trigger specially crafted JavaScript to render in the ePO UI via a carefully crafted uploa...
CVE-2019-3591
McAfee DLPe (Data Loss Prevention Endpoint) with the ePO extension for Windows has a stored XSS vulnerability (CVE-2019-3591) due to improper input neutralization during web page generation in the ePO UI. A remote, unauthenticated user can trigger JavaScript via a crafted upload to a remote websi...