CVE-2016-8527 PoC — Aruba AirWave Management Platform 跨站脚本漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2016/CVE-2016-8527.yaml

Associated Vulnerability

Title:Aruba AirWave Management Platform 跨站脚本漏洞 (CVE-2016-8527)
Description:Aruba AirWave是美国安移通网络（Aruba）公司的一套适用于多供应商管理系统的网络管理软件。该软件具备端到端监控能力，可改善网络操作和管理RF安全性，以及提供实时监控、主动报警和历史数据报告等功能。VisualRF是其中的一个射频组件。 Aruba AirWave 8.2.3.1之前的版本中的VisualRF组件存在跨站脚本漏洞。攻击者可通过诱使用户点击恶意链接利用该漏洞获取敏感信息（包括会话cookies或密码）。

Description

Aruba Airwave before version 8.2.3.1 is vulnerable to reflected cross-site scripting.

File Snapshot


 id: CVE-2016-8527

info:
  name: Aruba Airwave <8.2.3.1 - Cross-Site Scripting
  author: pikpikcu
  

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!