7 matches found
EUVD-2007-6024
Malware in sbrugna...
Cross site scripting
Cross-site scripting XSS vulnerability in the login page in the management interface in the Aruba 800 Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the /screens URI, related to the url...
CVE-2007-6054
Cross-site scripting XSS vulnerability in the login page in the management interface in the Aruba 800 Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the /screens URI, related to the url...
CVE-2007-6054
The CVE-2007-6054 entry describes an XSS vulnerability in the login page of Aruba 800 Mobility Controller (versions 2.5.4.18 and earlier; 2.4.8.6-FIPS and earlier). The issue occurs in the management interface via PATH_INFO to the /screens URI, related to the url variable, allowing remote attacke...
CVE-2007-6054
Cross-site scripting XSS vulnerability in the login page in the management interface in the Aruba 800 Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the /screens URI, related to the url...
PR07-26: Persistent XSS on Aruba 800 Mobility Controller's login page
Date Found: 17th July 2007 Vendor informed: 23rd July 2007 Confirmed by vendor: 13th September 2007 Description: Aruba 800 is vulnerable to a persistent XSS on the administrator login screen. An unauthenticated user can re-write the hidden parameter 'url' by requesting a link under the /screens/...
ProCheckUp Security Advisory 2007.26
Date Found: 17th July 2007 Vendor informed: 23rd July 2007 Confirmed by vendor: 13th September 2007 Description: Aruba 800 is vulnerable to a persistent XSS on the administrator login screen. An unauthenticated user can re-write the hidden parameter 'url' by requesting a link under the /screens/...