CVE-2013-4884
McAfee SuperScan 4.0 - Cross-Site Scripting via UTF-7 Encoded Server Response
Exploitation Summary
EIP tracks 1 public exploit for CVE-2013-4884. PoCs published by Trustwave's SpiderLabs.
Description
Cross-site scripting (XSS) vulnerability in McAfee SuperScan 4.0 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded sequences in a server response, which is not properly handled in the SuperScan HTML report.
Exploits (1)
This advisory describes a UTF-7 encoded XSS vulnerability in McAfee SuperScan 4.0, where a crafted server response can inject malicious payloads into generated port scan reports. The exploit leverages UTF-7 encoding to bypass input validation.