Cross-Site Scripting Vulnerability in Aruba AirWave Management Software
CVE-2015-1390
6.1MEDIUM
What is CVE-2015-1390?
Aruba AirWave versions prior to 8.0.7 contain a vulnerability that permits attackers to execute cross-site scripting (XSS) attacks against an administrator. This flaw can allow the insertion of malicious scripts into web pages viewed by the affected user, potentially leading to sessions hijacking and unauthorized access to sensitive information. It is crucial for administrators using Aruba AirWave to apply the necessary patches and updates to mitigate this risk.