Total vulnerabilities in the database
A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5.10 SP1 Update 1allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted link. This would lead to limited access to sensitive information and limited ability to alter some information in ePO.
| Software | From | Fixed in |
|---|---|---|
| mcafee / epolicy_orchestrator | 5.10.0-update_1 | 5.10.0-update_1.x |
| mcafee / epolicy_orchestrator | 5.10.0-update_2 | 5.10.0-update_2.x |
| mcafee / epolicy_orchestrator | 5.10.0-update_3 | 5.10.0-update_3.x |
| mcafee / epolicy_orchestrator | 5.10.0-update_4 | 5.10.0-update_4.x |
| mcafee / epolicy_orchestrator | 5.10.0-update_5 | 5.10.0-update_5.x |
| mcafee / epolicy_orchestrator | 5.10.0-update_6 | 5.10.0-update_6.x |
| mcafee / epolicy_orchestrator | 5.10.0 | 5.10.0.x |
| mcafee / epolicy_orchestrator | - | 5.10.0 |
| mcafee / epolicy_orchestrator | 5.10.0-update_7 | 5.10.0-update_7.x |
| mcafee / epolicy_orchestrator | 5.10.0-update_8 | 5.10.0-update_8.x |
| mcafee / epolicy_orchestrator | 5.10.0-update_9 | 5.10.0-update_9.x |
| mcafee / epolicy_orchestrator | 5.10.0-update_10 | 5.10.0-update_10.x |
| mcafee / epolicy_orchestrator | 5.10.0-update_11 | 5.10.0-update_11.x |
| mcafee / epolicy_orchestrator | 5.10.0-update_12 | 5.10.0-update_12.x |
| mcafee / epolicy_orchestrator | 5.10.0-update_13 | 5.10.0-update_13.x |
| mcafee / epolicy_orchestrator | 5.10.0-update_14 | 5.10.0-update_14.x |
| mcafee / epolicy_orchestrator | 5.10.0-update_11_hotfix_2 | 5.10.0-update_11_hotfix_2.x |
| mcafee / epolicy_orchestrator | 5.10.0-update_11_hotfix_1 | 5.10.0-update_11_hotfix_1.x |
| mcafee / epolicy_orchestrator | 5.10.0-update_15 | 5.10.0-update_15.x |