{"api_version":"1","generated_at":"2026-06-10T15:19:52+00:00","cve":"CVE-2016-8581","urls":{"html":"https://cve.report/CVE-2016-8581","api":"https://cve.report/api/cve/CVE-2016-8581.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2016-8581","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2016-8581"},"summary":{"title":"CVE-2016-8581","description":"A persistent XSS vulnerability exists in the User-Agent header of the login process of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to steal session IDs of logged in users when the current sessions are viewed by an administrator.","state":"PUBLISHED","assigner":"mitre","published_at":"2016-10-28 15:59:05","updated_at":"2026-05-06 22:30:45"},"problem_types":["CWE-79","n/a"],"metrics":[{"version":"3.0","source":"nvd@nist.gov","type":"Primary","score":"6.1","severity":"MEDIUM","vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","data":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"}},{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.3","severity":"","vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"}}],"references":[{"url":"http://www.securityfocus.com/bid/93862","name":"http://www.securityfocus.com/bid/93862","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Alienvault OSSIM/USM CVE-2016-8581 HTML Injection Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities","name":"https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Security Advisory - AlienVault 5.3.2 address 70 vulnerabilities - AlienVault Community Forums","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.exploit-db.com/exploits/40683/","name":"https://www.exploit-db.com/exploits/40683/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Alienvault OSSIM/USM 5.3.1 - Persistent Cross-Site Scripting - PHP webapps Exploit","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2016-8581","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8581","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2016","cve_id":"8581","vulnerable":"1","versionEndIncluding":"5.3.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"alienvault","cpe5":"open_source_security_information_and_event_management","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"8581","vulnerable":"1","versionEndIncluding":"5.3.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"alienvault","cpe5":"unified_security_management","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2016","cve_id":"8581","cve":"CVE-2016-8581","epss":"0.681510000","percentile":"0.986140000","score_date":"2026-05-09","updated_at":"2026-05-10 00:03:06"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T02:27:40.896Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"93862","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/93862"},{"name":"40683","tags":["exploit","x_refsource_EXPLOIT-DB","x_transferred"],"url":"https://www.exploit-db.com/exploits/40683/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2016-10-28T00:00:00.000Z","descriptions":[{"lang":"en","value":"A persistent XSS vulnerability exists in the User-Agent header of the login process of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to steal session IDs of logged in users when the current sessions are viewed by an administrator."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-09-02T09:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"93862","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/93862"},{"name":"40683","tags":["exploit","x_refsource_EXPLOIT-DB"],"url":"https://www.exploit-db.com/exploits/40683/"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2016-8581","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A persistent XSS vulnerability exists in the User-Agent header of the login process of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to steal session IDs of logged in users when the current sessions are viewed by an administrator."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"93862","refsource":"BID","url":"http://www.securityfocus.com/bid/93862"},{"name":"40683","refsource":"EXPLOIT-DB","url":"https://www.exploit-db.com/exploits/40683/"},{"name":"https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities","refsource":"CONFIRM","url":"https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2016-8581","datePublished":"2016-10-28T15:00:00.000Z","dateReserved":"2016-10-10T00:00:00.000Z","dateUpdated":"2024-08-06T02:27:40.896Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2016-10-28 15:59:05","lastModifiedDate":"2026-05-06 22:30:45","problem_types":["CWE-79","n/a"],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:alienvault:open_source_security_information_and_event_management:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.1","matchCriteriaId":"54AB403B-AABE-4C0F-A2C6-3D2E6AA81763"},{"vulnerable":true,"criteria":"cpe:2.3:a:alienvault:unified_security_management:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.1","matchCriteriaId":"294E154B-AEE3-454A-919A-AB4006BC6A02"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2016","CveId":"8581","Ordinal":"1","Title":"CVE-2016-8581","CVE":"CVE-2016-8581","Year":"2016"},"notes":[{"CveYear":"2016","CveId":"8581","Ordinal":"1","NoteData":"A persistent XSS vulnerability exists in the User-Agent header of the login process of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to steal session IDs of logged in users when the current sessions are viewed by an administrator.","Type":"Description","Title":"CVE-2016-8581"},{"CveYear":"2016","CveId":"8581","Ordinal":"2","NoteData":"2016-10-28","Type":"Other","Title":"Published"},{"CveYear":"2016","CveId":"8581","Ordinal":"3","NoteData":"2017-09-02","Type":"Other","Title":"Modified"}]}}}