PT-2016-4479 · Google+1 · Angularjs+1

Published

2016-09-18

Updated

2019-02-20

CVE-2016-0926

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Pivotal Cloud Foundry (PCF) Elastic Runtime versions 1.6.0 through 1.6.32 Pivotal Cloud Foundry (PCF) Elastic Runtime versions 1.7.0 through 1.7.8

Description The issue is related to a cross-site scripting (XSS) vulnerability in the Apps Manager component. This vulnerability allows remote attackers to inject arbitrary web script or HTML via unspecified input that improperly interacts with the AngularJS framework.

Recommendations For versions 1.6.0 through 1.6.32, update to version 1.6.32 or later. For versions 1.7.0 through 1.7.8, update to version 1.7.8 or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2016-0926

Affected Products

Angularjs

Pivotal Cloud Foundry (Pcf) Elastic Runtime

PT-2016-4479 · Google+1 · Angularjs+1

CVE-2016-0926

Weakness Enumeration

Related Identifiers

Affected Products

References · 4