CVE-2017-3902

medium

Description

Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing input validation.

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10184

http://www.securitytracker.com/id/1037628

http://www.securityfocus.com/bid/96465

Details

Source: Mitre, NVD

Published: 2017-02-13

Updated: 2017-07-26

Risk Information

CVSS v2

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

Detections

Analytics