Security Advisory

CVE-2024-5955

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-20 05:53:28

Last updated 2024-12-20 17:37:43

Assigner trellix

State PUBLISHED

Description

Cross-site scripting vulnerability in Trellix ePolicy Orchestrator prior to ePO 5.10 Service Pack 1 Update 3 allows a remote authenticated attacker to craft requests causing arbitrary content to be injected into the response when accessing the epolicy Orchestrator.

← Browse all CVEs View on cve.org ↗