Description
Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact via vectors involving emails with password recovery links, aka "Cross Domain Referer Leakage."
Remediation
References
https://pivotal.io/security/cve-2015-5170-5173
Related Vulnerabilities
CVE-2023-50422 Vulnerability in maven package com.sap.cloud.security:spring-security
CVE-2013-2165 Vulnerability in maven package org.richfaces.framework:richfaces-impl-jsf2
CVE-2021-44228 Vulnerability in maven package org.apache.logging.log4j:log4j-core
CVE-2019-10170 Vulnerability in maven package org.keycloak:keycloak-services
CVE-2020-8203 Vulnerability in maven package org.webjars.bowergithub.lodash:lodash