Aruba · Aos-8 Instant · CVE-2026-23819
**Name of the Vulnerable Software and Affected Versions**
Access Points running AOS-10 (affected versions not specified)
Access Points running AOS-8 Instant (affected versions not specified)
**Description**
A flaw in the web-based management interface allows an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim's browser on the same local network. This could lead to the compromise of user data and potential manipulation of device configuration settings.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.