CVE-2019-3602

Summary

Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) Prior to 9.1 Update 5 allows an authenticated administrator to embed an XSS in the administrator interface via a specially crafted custom rule containing HTML.

Affected Software

VendorProductVersion RangeStatus
McAfee, LLCMcAfee Network Security Manager (NSM)9.1 < 9.1 update 5 (9.1.7.77)affected

Weaknesses

  • Cross Site Scripting (XSS) vulnerability

ADP Enrichment

CVE Program Container

Additional References

References