CVE-2016-8581
A persistent XSS vulnerability exists in the User-Agent header of the login process of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to steal session IDs of logged in users when the current sessions are viewed by an administrator.
| Software | From | Fixed in |
|---|---|---|
| alienvault / unified_security_management | - | 5.3.1.x |
| alienvault / open_source_security_information_and_event_management | - | 5.3.1.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime