PT-2022-21778 · Mcafee · Epo
Published
2022-10-18
·
Updated
2022-10-20
·
CVE-2022-3339
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
ePO versions prior to 5.10 Update 14
Description
A reflected cross-site scripting issue allows a remote unauthenticated attacker to potentially obtain access to an administrator's session by convincing the authenticated administrator to click on a carefully crafted link, leading to limited access to sensitive information and limited ability to alter some information.
Recommendations
For versions prior to 5.10 Update 14, update to version 5.10 Update 14 or later to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Epo