CVE-2012-4590
McAfee Enterprise Mobility Manager < 10.0 - Cross-Site Scripting via User Agent or Connection Variable
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 might allow remote attackers to inject arbitrary web script or HTML via the (1) User Agent or (2) Connection variable.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/78222
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10022
Scores
EPSS
0.0026
EPSS Percentile
49.6%
Details
CWE
CWE-79
Status
published
Products (2)
mcafee/enterprise_mobility_manager
4.7
mcafee/enterprise_mobility_manager
< 9.6
Published
Aug 22, 2012
Tracked Since
Feb 18, 2026