Vulnerabilities > Mcafee > Network Security Manager > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-04 | CVE-2017-3966 | Insufficient Session Expiration vulnerability in Mcafee Network Security Manager Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to exploit or harm a user's browser via reusing the exposed session token in the application URL. | 6.3 |
| 2018-04-04 | CVE-2017-3964 | Cross-site Scripting vulnerability in Mcafee Network Security Manager Reflective Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to inject arbitrary web script or HTML via a URL parameter. | 5.4 |