VYPR
Medium severity5.4NVD Advisory· Published Feb 13, 2017· Updated Jun 17, 2026

CVE-2017-3902

CVE-2017-3902

Description

Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing input validation.

Affected products

5
  • cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.0:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.3:*:*:*:*:*:*:*
  • Intel/ePOv5
    Range: 5.1.3, 5.1.2, 5.1.1, and 5.1.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.