Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vulnerability. A remote user that is able to convince an Operations Manager user to interact with malicious content could execute arbitrary JavaScript in the user's browser.
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
07/03/2019
by Pivotal Software
4 years ago