CVE-2020-7309

Summary

Cross Site Scripting vulnerability in ePO extension in McAfee Application Control (MAC) prior to 8.3.1 allows administrators to inject arbitrary web script or HTML via specially crafted input in the policy discovery section.

Affected Software

VendorProductVersion RangeStatus
McAfee, LLCMcAfee Application and Change Control8.3.1 < 8.3.1affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References