CVE-2019-3776
7.2
CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L
Summary
Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vulnerability. A remote user that is able to convince an Operations Manager user to interact with malicious content could execute arbitrary JavaScript in the user's browser.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Pivotal | Pivotal Ops Manager | 2.2 < 2.2.16 | affected |
| Pivotal | Pivotal Ops Manager | 2.3 < 2.3.10 | affected |
| Pivotal | Pivotal Ops Manager | 2.4 < 2.4.3 | affected |
| Pivotal | Pivotal Ops Manager | 2.1 < 2.1.19 | affected |
Weaknesses
- CWE-79: CWE-79: Cross-site Scripting (XSS) - Reflected
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.