CVE-2016-0927 Ops Manager XSS vulnerability


Severity

High

Vendor

Pivotal

Versions Affected
  • Pivotal Ops Manager 1.6.x versions prior to 1.6.17
Description

Ops Manager has a stored-cross site scripting vulnerability. The vulnerability can be triggered by an unauthenticated attacker and can affect the administrator of the application.

Mitigation

Users of affected versions should apply the following mitigation:

  • Upgrade Pivotal Ops Manager 1.6.x versions to 1.6.17
Credit

Graham Viski, Digital Transformation Office, Australian Government

References