CVE-2013-5094
McAfee Vulnerability Manager 7.5 - Cross-Site Scripting via cert_cn Cookie Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2013-5094. PoCs published by Asheesh Anaconda.
AI-analyzed exploit summary The exploit demonstrates a reflected XSS vulnerability in McAfee Vulnerability Manager by injecting a malicious script via the 'cert_cn' cookie parameter. The payload triggers a JavaScript prompt, confirming arbitrary script execution in the context of the affected site.
Description
Cross-site scripting (XSS) vulnerability in index.exp in McAfee Vulnerability Manager 7.5 allows remote attackers to inject arbitrary web script or HTML via the cert_cn cookie parameter.
Exploits (1)
The exploit demonstrates a reflected XSS vulnerability in McAfee Vulnerability Manager by injecting a malicious script via the 'cert_cn' cookie parameter. The payload triggers a JavaScript prompt, confirming arbitrary script execution in the context of the affected site.