CVE-2020-7309: Cross Site Scripting vulnerability in ePO extension of MACC
First published: Wed Aug 26 2020(Updated: )
Cross Site Scripting vulnerability in ePO extension in McAfee Application Control (MAC) prior to 8.3.1 allows administrators to inject arbitrary web script or HTML via specially crafted input in the policy discovery section.
Credit: psirt@mcafee.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee Application and Change Control | <8.3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2020-7309?
The severity of CVE-2020-7309 is medium (4.8).
How does CVE-2020-7309 affect McAfee Application Control?
CVE-2020-7309 allows administrators to inject arbitrary web script or HTML via specially crafted input in the policy discovery section of McAfee Application Control.
Which version of McAfee Application Control is affected by CVE-2020-7309?
McAfee Application Control prior to version 8.3.1 is affected by CVE-2020-7309.
How can I fix CVE-2020-7309?
To fix CVE-2020-7309, update McAfee Application Control to version 8.3.1 or newer.
Where can I find more information about CVE-2020-7309?
More information about CVE-2020-7309 can be found at the following link: [https://kc.mcafee.com/corporate/index?page=content&id=SB10324](https://kc.mcafee.com/corporate/index?page=content&id=SB10324)
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/title
- agent/weakness
- agent/remedy
- agent/severity
- agent/references
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- vendor/mcafee
- canonical/mcafee application and change control