CVE-2020-7303

Summary

Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote user to trigger scripts to run in a user's browser via adding a new label.

Affected Software

VendorProductVersion RangeStatus
McAfeeDLP ePO extension11.3 < 11.3.28affected
McAfeeDLP ePO extension11.4 < 11.4.200affected
McAfeeDLP ePO extension11.5 < 11.5.3affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References