CVE-2020-7333

Summary

Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows administrators to inject arbitrary web script or HTML via the configuration wizard.

Affected Software

VendorProductVersion RangeStatus
Mcafee, LLCEndpoint Security for Windows10.7.x <= 10.7.0 September 2020 Updateaffected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References