CVE-2013-4883

NONECVSS 0.0

0.0

Multiple cross-site scripting (XSS) vulnerabilities in McAfee ePolicy Orchestrator 4.6.6 and earlier, and the ePO Extension for the McAfee Agent (MA) 4.5 through 4.6, allow remote attackers to inject arbitrary web script or HTML via the (1) instanceId parameter core/loadDisplayType.do; (2) instanceId or (3) monitorUrl parameter to console/createDashboardContainer.do; uid parameter to (4) ComputerMgmt/sysDetPanelBoolPie.do or (5) ComputerMgmt/sysDetPanelSummary.do; (6) uid, (7) orion.user.security.token, or (8) ajaxMode parameter to ComputerMgmt/sysDetPanelQry.do; or (9) uid, (10) orion.user.security.token, or (11) ajaxMode parameter to ComputerMgmt/sysDetPanelSummary.do.

🔗 References (16)

cve@mitrehttp://osvdb.org/95187
cve@mitrehttp://osvdb.org/95188
cve@mitrehttp://osvdb.org/95189
cve@mitrehttp://osvdb.org/95190
cve@mitrehttp://osvdb.org/95191
cve@mitrehttp://www.securityfocus.com/archive/1/527228
cve@mitrehttp://www.securitytracker.com/id/1028803
cve@mitrehttps://kc.mcafee.com/corporate/index?page=content&id=KB78824
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/95187
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/95188
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/95189
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/95190
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/95191
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/527228
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1028803

Is Your Infrastructure Affected by CVE-2013-4883?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2013-4883

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2013-4883?