AirWave Management Platform Multiple Security Vulnerabilities
AirWave Management Platform is prone to the following multiple security issues:
1. Cross-site scripting vulnerability
2. An XML external entity injection vulnerability
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary commands in the context of the application, gain elevated privileges or cause denial-of-service conditions.
All versions of AirWave prior to 188.8.131.52 are vulnerable.