CVE-2020-7292

Name of the Vulnerable Software and Affected Versions McAfee Web Gateway versions prior to 9.2.1

Description The issue allows a remote attacker to cause the McAfee Web Gateway to return an ambiguous redirect response by getting a user to click on a malicious URL. This is due to an inappropriate encoding for output context.

Recommendations For versions prior to 9.2.1, update to version 9.2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to malicious URLs to minimize the risk of exploitation.