VYPR
Unrated severityNVD Advisory· Published Jun 9, 2021· Updated Aug 3, 2024

Cross site scripting vulnerability in DLP Endpoint for Windows

CVE-2021-31832

Description

Improper Neutralization of Input in the ePO administrator extension for McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.200 allows a remote ePO DLP administrator to inject JavaScript code into the alert configuration text field. This JavaScript will be executed when an end user triggers a DLP policy on their machine.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.