4 matches found
CVE-2022-3339 Reflected XSS in Trellix ePO server
A reflected cross-site scripting XSS vulnerability in ePO prior to 5.10 Update 14 allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted link. This would lead to...
CVE-2022-3339 Reflected XSS in Trellix ePO server
A reflected cross-site scripting XSS vulnerability in ePO prior to 5.10 Update 14 allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted link. This would lead to...
CVE-2022-3339
Trellix ePolicy Orchestrator (ePO) prior to 5.10 Update 14 is affected by a reflected XSS (CVE-2022-3339). The vulnerability concerns the ePO web interface and can allow a remote, unauthenticated attacker to induce an authenticated administrator to click a crafted link, potentially enabling acces...
McAfee ePolicy Orchestrator Multiple Vulnerabilities (SB10387)
The instance of McAfee ePolicy Orchestrator installed on the remote host is affected by multiple vulnerabilities, including the following: - An External XML entity XXE vulnerability in ePO prior to 5.10 Update 14 can lead to an unauthenticated remote attacker to potentially trigger a Server Side...