Medium severity6.1NVD Advisory· Published May 17, 2017· Updated Jun 17, 2026
CVE-2017-4011
CVE-2017-4011
Description
Embedding Script (XSS) in HTTP Headers vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to get session/cookie information via modification of the HTTP request.
Affected products
2cpe:2.3:a:mcafee:network_data_loss_prevention:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mcafee:network_data_loss_prevention:*:*:*:*:*:*:*:*range: <=9.3.0
- (no CPE)range: 9.3.x
Patches
Vulnerability mechanics
References
2- kc.mcafee.com/corporate/indexnvdVendor Advisory
- www.securitytracker.com/id/1038523nvd
News mentions
0No linked articles in our index yet.