CVE-2015-1390

Name of the Vulnerable Software and Affected Versions Aruba AirWave versions prior to 8.0.7

Description The issue allows for cross-site scripting (XSS) attacks against an administrator. This is due to a lack of protection measures for the web page structure, which can be exploited by a remote attacker to conduct inter-site scripting attacks.

Recommendations For Aruba AirWave versions prior to 8.0.7, update to version 8.0.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the administrative interface to minimize the risk of exploitation.