← back
CVE-2019-3776

Reflected XSS in Pivotal Operations Manager

CVSS 7.2 HIGHEPSS 0.9%CWE-79
Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vulnerability. A remote user that is able to convince an Operations Manager user to interact with malicious content could execute arbitrary JavaScript in the user's browser.
CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L
Affected products
Pivotal · Pivotal Ops Manager

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://pivotal.io/security/cve-2019-3776http://www.securityfocus.com/bid/107344