Vulnerabilities > Mcafee > Epolicy Orchestrator > 5.10.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-14 | CVE-2020-7318 | Cross-site Scripting vulnerability in Mcafee Epolicy Orchestrator 5.10.0/5.10.9 Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized. | 4.3 |
2020-10-14 | CVE-2020-7317 | Cross-site Scripting vulnerability in Mcafee Epolicy Orchestrator Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for "syncPointList" not being correctly sanitsed. | 4.3 |