Lucene search
HpeCVELIST:CVE-2016-8527HistoryAug 06, 2018 - 8:00 p.m.
CVE-2016-8527
2018-08-0620:00:00
hpe
www.cve.org
Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to a reflected cross-site scripting (XSS). The vulnerability is present in the VisualRF component of AirWave. By exploiting this vulnerability, an attacker who can trick a logged-in AirWave administrative user into clicking a link could obtain sensitive information, such as session cookies or passwords. The vulnerability requires that an administrative users click on the malicious link while currently logged into AirWave in the same browser.
CNA Affected
[
{
"product": "Aruba AirWave",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "all versions up to, but not including, 8.2.3.1"
}
]
}
]Related
prion
prion
Cross site scripting
2018-08-06 20:29:00
cve
cve
CVE-2016-8527
2018-08-06 20:29:00
nuclei
nuclei
Aruba Airwave <8.2.3.1 - Cross-Site Scripting
2021-09-16 04:01:39
nvd
nvd
CVE-2016-8527
2018-08-06 20:29:00
exploitpack
exploitpack
Aruba AirWave 8.2.3 - XML External Entity Injection Cross-Site Scripting
2017-03-01 00:00:00
packetstorm
packetstorm
Aruba AirWave 8.2.3 XXE Injection / Cross Site Scripting
2017-03-01 00:00:00
zdt
zdt
exploitdb
exploitdb
Aruba AirWave 8.2.3 - XML External Entity Injection / Cross-Site Scripting
2017-03-01 00:00:00