CVE-2012-4597: XSS
First published: Wed Aug 22 2012(Updated: )
Cross-site scripting (XSS) vulnerability in McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 through Patch 3, and McAfee Email Gateway (MEG) 7.0.0 and 7.0.1, allows remote attackers to inject arbitrary web script or HTML via vectors related to the McAfee Security Appliance Management Console/Dashboard.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee Email and Web Security | =5.5 | |
| McAfee Email and Web Security | =5.6 | |
| McAfee Email Gateway | =7.0.0 | |
| McAfee Email Gateway | =7.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/mcafee
- canonical/mcafee email and web security
- version/mcafee email and web security/5.5
- version/mcafee email and web security/5.6
- canonical/mcafee email gateway
- version/mcafee email gateway/7.0.0
- version/mcafee email gateway/7.0.1