Vulnerability Details CVE-2015-2760
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.8%
CVSS Severity
CVSS v2 Score 3.5
References
Products affected by CVE-2015-2760
-
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:9.3.0
-
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:9.3.1
-
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:9.3.100
-
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:9.3.150
-
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:9.3.2
-
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:9.3.200
-
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:9.3.3
-
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:9.3.300
-
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:9.3.4
-
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:9.3.400
-
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:9.3.5
-
cpe:2.3:a:mcafee:data_loss_prevention_endpoint:9.3.6