Reflected Cross-Site Scripting Vulnerability in Pivotal Operations Manager

Reflected Cross-Site Scripting Vulnerability in Pivotal Operations Manager

CVE-2019-3776 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vulnerability. A remote user that is able to convince an Operations Manager user to interact with malicious content could execute arbitrary JavaScript in the user's browser.

Learn more about our User Device Pen Test.