Arbitrary HTML Code Injection Vulnerability in McAfee Threat Intelligence Exchange (TIE) Server

Arbitrary HTML Code Injection Vulnerability in McAfee Threat Intelligence Exchange (TIE) Server

CVE-2017-3907 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and earlier allows remote attackers to execute arbitrary HTML code to be reflected in the response web page via unspecified vector.

Learn more about our Cis Benchmark Audit For Microsoft Exchange Server.