XSS in Mcafee Epolicy_orchestrator

CVE-2015-4559

Cross-site scripting (XSS) vulnerability in the product deployment feature in the Java core web services in Intel McAfee ePolicy Orchestrator (ePO) before 5.1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.003 (49.8th percentile) — read the EPSS interpretation.

Affected products

Mcafee Epolicy_orchestrator
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
1032671 (vdb-entry, x_refsource_SECTRACK)
91539 (vdb-entry, x_refsource_BID)