VYPR
Unrated severityNVD Advisory· Published Aug 14, 2019· Updated Aug 4, 2024

MWG UI: Cross-Frame Scripting vulnerability

CVE-2019-3639

Description

Clickjack vulnerability in Adminstrator web console in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows remote attackers to conduct clickjacking attacks via a crafted web page that contains an iframe via does not send an X-Frame-Options HTTP header.

Affected products

2
  • Range: >=7.8.2.0, <7.8.2.12
  • McAfee, LLC/McAfee Web Gateway (MWG)v5
    Range: 7.8.2.x

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.