CVEs-PoC/2020/CVE-2020-7292.md

### [CVE-2020-7292](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7292)
![](https://img.shields.io/static/v1?label=Product&message=McAfee%20Web%20Gateway%20(MWG)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%209.2.1%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-838%20Inappropriate%20Encoding%20for%20output%20context&color=brighgreen)

### Description

Inappropriate Encoding for output context vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows a remote attacker to cause MWG to return an ambiguous redirect response via getting a user to click on a malicious URL.

### POC

#### Reference
- https://kc.mcafee.com/corporate/index?page=content&id=SB10323

#### Github
No PoCs found on GitHub currently.