XSS in Mcafee Superscan

CVE-2013-4884

Cross-site scripting (XSS) vulnerability in McAfee SuperScan 4.0 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded sequences in a server response, which is not properly handled in the SuperScan HTML report.

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.043 (89.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References