Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) Prior to 9.1 Update 5 allows an authenticated administrator to embed an XSS in the administrator interface via a specially crafted custom rule containing HTML.
Published Date: Wednesday 15th of May 2019 12:29:00 PM
Modified Date: Wednesday 15th of May 2019 02:36:22 PM
Network Access Vector:
The attacker does not require local network access or local access.
One instance of authentication is required to access and exploit the vulnerability.
One instance of complexity is required to access and exploit the vulnerability.
There is no impact to the availability of the system.
Modification of some system files is posible.
There is none information disclosure.