cve/2019/CVE-2019-3638.md

### [CVE-2019-3638](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3638)
![](https://img.shields.io/static/v1?label=Product&message=Web%20Gateway(MWG)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=7.8.x%3C%207.8.2.13%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Reflected%20Cross%20Site%20Scripting%20vulnerability&color=brighgreen)

### Description

Reflected Cross Site Scripting vulnerability in Administrators web console in McAfee Web Gateway (MWG) 7.8.x prior to 7.8.2.13 allows remote attackers to collect sensitive information or execute commands with the MWG administrator's credentials via tricking the administrator to click on a carefully constructed malicious link.

### POC

#### Reference
- https://kc.mcafee.com/corporate/index?page=content&id=SB10294

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2019-3638](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3638)`
			`![](https://img.shields.io/static/v1?label=Product&message=Web%20Gateway(MWG)&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=7.8.x%3C%207.8.2.13%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Reflected%20Cross%20Site%20Scripting%20vulnerability&color=brighgreen)`

			`### Description`

			`Reflected Cross Site Scripting vulnerability in Administrators web console in McAfee Web Gateway (MWG) 7.8.x prior to 7.8.2.13 allows remote attackers to collect sensitive information or execute commands with the MWG administrator's credentials via tricking the administrator to click on a carefully constructed malicious link.`

			`### POC`

			`#### Reference`
			`- https://kc.mcafee.com/corporate/index?page=content&id=SB10294`

			`#### Github`
			`No PoCs found on GitHub currently.`