Mcafee · Ens Hx · CVE-2025-5967
Name of the Vulnerable Software and Affected Versions:
ENS HX version 10.0.4
Description:
A stored cross-site scripting issue allows a malicious user to inject arbitrary HTML into the ENS HX Malware Scan Name field, resulting in the exposure of sensitive data.
Recommendations:
For ENS HX version 10.0.4, consider restricting input to the Malware Scan Name field to prevent arbitrary HTML injection until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.