A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote administrator attacker to upload a malicious XML file through the extension. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XXE
Epolicy Orchestrator
NVD
CVSS 3.1
3.8
EPSS
0.4%