Security Advisory

CVE-2021-31835

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-22 11:05:11
Last updated 2024-08-03 23:10:30
Assigner trellix
State PUBLISHED

Description

Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 11 allows ePO administrators to inject arbitrary web script or HTML via a specific parameter where the administrators entries were not correctly sanitized.