Unauthenticated Stored Cross-Site Scripting (XSS) in ArubaOS Web-based Management Interface

A vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

N/A

Aruba Networks ArubaOS 跨站脚本漏洞

Aruba Networks ArubaOS是美国安移通（Aruba Networks）公司的一套面向Aruba Mobility-Defined Networks（包括移动控制器和移动接入交换机）的操作系统。 Aruba Networks ArubaOS 存在安全漏洞，该漏洞源于允许未经身份验证的远程攻击者对该界面的用户进行存储型跨站脚本(XSS)攻击，攻击者利用该漏洞可以在浏览器中执行任意脚本代码。

N/A

N/A