CVE-2016-3709
Published on: Not Yet Published
Last Modified on: 12/07/2022 04:39:00 PM UTC
Certain versions of Libxml2 from Xmlsoft contain the following vulnerability:
Possible cross-site scripting vulnerability in libxml after commit 960f0e2.
- CVE-2016-3709 has been assigned by
[email protected] to track the vulnerability - currently rated as MEDIUM severity.
CVSS3 Score: 6.1 - MEDIUM
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
NETWORK | LOW | NONE | REQUIRED |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
CHANGED | LOW | LOW | NONE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
[xml] Incorrect server side include parsing can lead to XSS and other si | mail.gnome.org text/html |
![]() |
Related QID Numbers
- 160221 Oracle Enterprise Linux Security Update for libxml2 (ELSA-2022-7715)
- 198885 Ubuntu Security Notification for libxml2 Vulnerability (USN-5548-1)
- 240852 Red Hat Update for libxml2 (RHSA-2022:7715)
- 502486 Alpine Linux Security Update for libxml2
- 672180 EulerOS Security Update for libxml2 (EulerOS-SA-2022-2471)
- 752722 SUSE Enterprise Linux Security Update for libxml2 (SUSE-SU-2022:3717-1)
- 752764 SUSE Enterprise Linux Security Update for libxml2 (SUSE-SU-2022:3871-1)
- 902614 Common Base Linux Mariner (CBL-Mariner) Security Update for libxml2 (10416)
- 902656 Common Base Linux Mariner (CBL-Mariner) Security Update for libxml2 (10442)
- 940731 AlmaLinux Security Update for libxml2 (ALSA-2022:7715)
- 960272 Rocky Linux Security Update for libxml2 (RLSA-2022:7715)
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Xmlsoft | Libxml2 | All | All | All | All |
- cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE