CVE-2016-0927
MEDIUMPivotal Cloud Foundry <1.6.17 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (1)
Scores
CVSS v3
6.1
EPSS
0.0025
EPSS Percentile
48.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Classification
CWE
CWE-79
Status
published
Affected Products (17)
pivotal_software/cloud_foundry_elastic_runtime
pivotal_software/cloud_foundry_elastic_runtime
pivotal_software/cloud_foundry_elastic_runtime
pivotal_software/cloud_foundry_elastic_runtime
pivotal_software/cloud_foundry_elastic_runtime
pivotal_software/cloud_foundry_elastic_runtime
pivotal_software/cloud_foundry_elastic_runtime
pivotal_software/cloud_foundry_elastic_runtime
pivotal_software/cloud_foundry_elastic_runtime
pivotal_software/cloud_foundry_elastic_runtime
pivotal_software/cloud_foundry_elastic_runtime
pivotal_software/cloud_foundry_elastic_runtime
pivotal_software/cloud_foundry_elastic_runtime
pivotal_software/cloud_foundry_elastic_runtime
pivotal_software/cloud_foundry_elastic_runtime
... and 2 more
Timeline
Published
Sep 18, 2016
Tracked Since
Feb 18, 2026