VYPR
Unrated severityNVD Advisory· Published Feb 17, 2015· Updated Jun 17, 2026

CVE-2015-1619

CVE-2015-1619

Description

Cross-site scripting (XSS) vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway (MEG) 7.6.x before 7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6, and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified tokens in Digest messages.

Affected products

18
  • cpe:2.3:a:mcafee:email_gateway:*:*:*:*:*:*:*:*+ 17 more
    • cpe:2.3:a:mcafee:email_gateway:*:*:*:*:*:*:*:*range: <=5.6
    • cpe:2.3:a:mcafee:email_gateway:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.6.3:*:*:*:*:*:*:*
    • (no CPE)range: <=7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6 and earlier

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.