CVE-2017-3165

Name of the Vulnerable Software and Affected Versions Apache Brooklyn versions prior to 0.10.0

Description The issue allows one authenticated user to cause scripts to run in the browser of another user authorized to access the first user's resources through cross-site scripting. This is due to improper escaping of server-side content. A proof-of-concept exploit using this vulnerability is known to exist.

Recommendations For versions prior to 0.10.0, update to version 0.10.0 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive resources to minimize the risk of exploitation.