Unrated severityNVD Advisory· Published Aug 14, 2019· Updated Aug 4, 2024
MWG UI: Cross-Frame Scripting vulnerability
CVE-2019-3639
Description
Clickjack vulnerability in Adminstrator web console in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows remote attackers to conduct clickjacking attacks via a crafted web page that contains an iframe via does not send an X-Frame-Options HTTP header.
Affected products
2- Range: >=7.8.2.0, <7.8.2.12
- McAfee, LLC/McAfee Web Gateway (MWG)v5Range: 7.8.2.x
Patches
Vulnerability mechanics
References
1- kc.mcafee.com/corporate/indexmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.