Medium severity5.4NVD Advisory· Published Feb 13, 2017· Updated Jun 17, 2026
CVE-2017-3902
CVE-2017-3902
Description
Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing input validation.
Affected products
5cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.3:*:*:*:*:*:*:*
- Intel/ePOv5Range: 5.1.3, 5.1.2, 5.1.1, and 5.1.0
Patches
Vulnerability mechanics
References
3- kc.mcafee.com/corporate/indexnvdPatchVendor Advisory
- www.securityfocus.com/bid/96465nvd
- www.securitytracker.com/id/1037628nvd
News mentions
0No linked articles in our index yet.