Security Advisory

CVE-2021-31830

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-06-03 10:10:16
Last updated 2024-08-03 23:10:30
Assigner trellix
State PUBLISHED

Description

Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows an administrator to embed JavaScript code when configuring the name of a database to be monitored. This would be triggered when any authorized user logs into the DBSec interface and opens the properties configuration page for this database.