Description
Cross-site scripting (XSS) vulnerability in the login CGI program in Aruba Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier FIPS versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected products
- Aruba / mobility_controller2.4.8.6-fips
References
- MISChttp://www.kb.cert.org/vuls/id/680449
- MISChttp://www.securityfocus.com/bid/25059
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2007/2646
- VENDOR_ADVISORYhttp://secunia.com/advisories/26192
- MISChttp://www.securitytracker.com/id?1018457
- MISChttp://osvdb.org/36469
- MISChttp://www.arubanetworks.com/support/alerts/aid-070907b.asc
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/35605