MEDIUM🇬🇧 English

CVE-2016-5061

CVSS 6.1v3.0pub. 2016-09-29upd. 2026-05-06

Multiple cross-site scripting (XSS) vulnerabilities in the web server in Aternity before 9.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTPAgent, (2) MacAgent, (3) getExternalURL, or (4) retrieveTrustedUrl page.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  • Aternity

    APP
    Aternity
    ≤ 9.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2016-5062CRITICAL9.8ten sam produkt

The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL loading of Java M...

CVE-2022-43997HIGH7.8ten sam produkt

Incorrect access control in Aternity agent in Riverbed Aternity before 12.1.4.27 allows for local privilege es...

CVE-2016-5061 — MEDIUM 6.1 | CVEbaza.pl