The vulnerability of the application’s web interface for automated internal and external IT audits. McAfee Policy Auditor allows attackers to perform cross-site scripting attacks and gain unauthorized access to protected information.

The vulnerability of the application’s web interface for automating internal and external IT audits, as provided by McAfee Policy Auditor, is related to the failure to protect the structure of the web page when processing the profileNodeID parameter. Exploitation of this vulnerability allows a...

McAfee Policy Auditor 跨站脚本漏洞

McAfee Policy Auditor is an agent-based IT assessment solution that leverages the Security Content Automation Protocol SCAP to automate the processes required for internal and external IT and security audits.A reflective cross-site scripting vulnerability exists in versions of McAfee Policy Audit...