Unrated severityNVD Advisory· Published Nov 1, 2021· Updated Aug 3, 2024
Data Loss Prevention (DLP) ePO extension - Cross site scripting (XSS)
CVE-2021-31848
Description
Cross site scripting (XSS) vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.7.100 allows a remote attacker to highjack an active DLP ePO administrator session by convincing the logged in administrator to click on a carefully crafted link in the case management part of the DLP ePO extension.
Affected products
2<11.7.100+ 1 more
- (no CPE)range: <11.7.100
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- kc.mcafee.com/corporate/indexmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.