MEDIUM🇵🇱 Wersja polska

CVE-2016-5061

CVSS 6.1v3.0pub. 2016-09-29upd. 2026-05-06

Multiple cross-site scripting (XSS) vulnerabilities in the web server in Aternity before 9.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTPAgent, (2) MacAgent, (3) getExternalURL, or (4) retrieveTrustedUrl page.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  • Aternity

    APP
    Aternity
    ≤ 9.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2016-5062CRITICAL9.8ten sam produkt

The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL loading of Java M...

CVE-2022-43997HIGH7.8ten sam produkt

Incorrect access control in Aternity agent in Riverbed Aternity before 12.1.4.27 allows for local privilege es...