PT-2021-15583 · Mcafee · Mcafee Endpoint Security
Published
2021-02-10
·
Updated
2023-11-16
·
CVE-2021-23881
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
McAfee Endpoint Security (ENS) versions prior to 10.7.0 February 2021 Update
Description:
A stored cross-site scripting issue allows an ENS ePO administrator to add a script to a policy event. This script will be executed through a browser block page when a local non-administrator user triggers the policy.
Recommendations:
For versions prior to 10.7.0 February 2021 Update, update to the February 2021 Update or a later version to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mcafee Endpoint Security