Medium severity5.4NVD Advisory· Published Oct 31, 2017· Updated Jun 17, 2026
CVE-2017-3933
CVE-2017-3933
Description
Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack.
Affected products
6cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.4:*:*:*:*:*:*:*
- (no CPE)range: 9.3.X
Patches
Vulnerability mechanics
References
2- kc.mcafee.com/corporate/indexnvdPatchVendor Advisory
- www.securityfocus.com/bid/101628nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.