VYPR
Medium severity5.4NVD Advisory· Published Oct 31, 2017· Updated Jun 17, 2026

CVE-2017-3933

CVE-2017-3933

Description

Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack.

Affected products

6
  • cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mcafee:network_data_loss_prevention:9.3.4:*:*:*:*:*:*:*
    • (no CPE)range: 9.3.X

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.