SynopsisA web application hosted on the remote web server is affected by a cross-site scripting vulnerability.
DescriptionThe version of the McAfee WebShield UI hosted on the remote web server is affected by a cross-site scripting vulnerability. Extra path information passed to the end of the 'dashboard' script is not properly sanitized. A remote attacker can exploit this by convincing a user into requesting a maliciously crafted URL, resulting in arbitrary script code execution.
SolutionApply the relevant hotfix specified in McAfee Security Bulletin SB10026.