VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Feb 17, 2015· Updated May 6, 2026

CVE-2015-1619

CVE-2015-1619

Description

Cross-site scripting (XSS) vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway (MEG) 7.6.x before 7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6, and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified tokens in Digest messages.

Affected products

17
  • McAfee/Email Gateway17 versions
    cpe:2.3:a:mcafee:email_gateway:7.5:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:a:mcafee:email_gateway:7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:*:*:*:*:*:*:*:*range: <=5.6
    • cpe:2.3:a:mcafee:email_gateway:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:email_gateway:7.0.5:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.