4 matches found
CVE-2022-3339
Trellix ePolicy Orchestrator (ePO) prior to 5.10 Update 14 is affected by a reflected XSS (CVE-2022-3339). The vulnerability concerns the ePO web interface and can allow a remote, unauthenticated attacker to induce an authenticated administrator to click a crafted link, potentially enabling acces...
CVE-2022-3339 Reflected XSS in Trellix ePO server
A reflected cross-site scripting XSS vulnerability in ePO prior to 5.10 Update 14 allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted link. This would lead to...
CVE-2022-3339 Reflected XSS in Trellix ePO server
A reflected cross-site scripting XSS vulnerability in ePO prior to 5.10 Update 14 allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted link. This would lead to...
McAfee ePolicy Orchestrator Multiple Vulnerabilities (SB10387)
The instance of McAfee ePolicy Orchestrator installed on the remote host is affected by multiple vulnerabilities, including the following: - An External XML entity XXE vulnerability in ePO prior to 5.10 Update 14 can lead to an unauthenticated remote attacker to potentially trigger a Server Side...