CVE-2017-3961

LOW

McAfee Network Security Manager < 8.2.7.42.2 - Authenticated Cross-Site Scripting via Crafted User Input

Title source: llm
STIX 2.1

Description

Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to allow arbitrary HTML code to be reflected in the response web page via crafted user input of attributes.

References (1)

Core 1
Core References

Scores

CVSS v3 3.5
EPSS 0.0061
EPSS Percentile 44.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L

Details

CWE
CWE-79
Status published
Products (1)
mcafee/network_security_manager < 8.2.7.42.2
Published May 25, 2018
Tracked Since Feb 18, 2026