Security for everyone

CVE-2020-7318 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in McAfee ePolicy Orchestrator (ePO) affects v. prior to 5.10.9 Update 9.


Short Info



Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

30 sec

Scan only one




McAfee ePolicy Orchestrator (ePO) is a centralized management system used by enterprises to oversee their security infrastructure. It is a software platform used for managing hardware and software assets, security policies, and updates across a network of computers. The objective of this tool is to help organizations monitor and manage their security systems in a centralized manner. 

The recent detection of CVE-2020-7318 vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10.9 Update 9 is a significant concern for organizations because this vulnerability allows administrators to inject arbitrary web script or HTML via multiple parameters, where the administrator's entries were not correctly sanitized. This essentially means that an attacker can inject malicious code into the system and execute unauthorized actions without user intervention. 

This vulnerability can lead to a plethora of security risks if exploited. The attacker can bypass access controls, steal sensitive data, and even take control of the affected system. The exploit of this vulnerability can also lead to a potential Denial of Service (DoS) attack, which can cause disruptions in an organization's critical operations. All these security implications make it critical for organizations to take necessary precautions to protect their digital assets and prevent any potential security threats. 

Lastly, the platform offers numerous pro features that can help organizations identify potential vulnerabilities in their digital assets easily and quickly. With the help of this platform, users can gain access to comprehensive reports, security checklists, and test results, making it easier for them to stay ahead of potential security threats. Overall, it is critically important for organizations to remain vigilant and take necessary precautions to safeguard their digital assets against the ever-evolving cybersecurity threats.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture