CVE-2012-4597
McAfee EWS <5.6.3-7.0.1 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 through Patch 3, and McAfee Email Gateway (MEG) 7.0.0 and 7.0.1, allows remote attackers to inject arbitrary web script or HTML via vectors related to the McAfee Security Appliance Management Console/Dashboard.
Scores
EPSS
0.0030
EPSS Percentile
52.6%
Classification
CWE
CWE-79
Status
draft
Affected Products (4)
mcafee/email_and_web_security
mcafee/email_and_web_security
mcafee/email_gateway
mcafee/email_gateway
Timeline
Published
Aug 22, 2012
Tracked Since
Feb 18, 2026