Cross-Site Scripting Vulnerability in Pivotal Cloud Foundry Apps Manager
CVE-2016-0926

6.1MEDIUM

Key Information:

Vendor
CVE Published:
18 September 2016

What is CVE-2016-0926?

The cross-site scripting vulnerability in Pivotal Cloud Foundry's Apps Manager allows remote attackers to exploit the AngularJS framework, enabling the injection of arbitrary web scripts or HTML. This flaw affects specific versions of the Elastic Runtime, making it crucial for users to update their systems to mitigate potential risks associated with remote exploitation.

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.