CVE-2017-3902

Sažetak

Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing input validation.

Reference

http://www.securityfocus.com/bid/96465
http://www.securitytracker.com/id/1037628
https://kc.mcafee.com/corporate/index?page=content&id=SB10184

CVSS

Base:	3.5
Impact:	2.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:S/C:N/I:P/A:N

Zadnje važnije ažuriranje

26-07-2017 - 01:29

Objavljeno

13-02-2017 - 16:59