XSS in Mcafee Vulnerability_manager
CVE-2014-1472
Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.020 (77.9th percentile) — read the EPSS interpretation.
Affected products
- Mcafee Vulnerability_manager — versions 7.0.11, 7.5.4
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)