Cross-Site Scripting Vulnerabilities in Novell Filr
CVE-2016-1609

5.4MEDIUM

Key Information:

Vendor

Novell
Status
Filr
Vendor
CVE Published:
1 August 2016

What is CVE-2016-1609?

Multiple cross-site scripting vulnerabilities exist in Novell Filr, allowing authenticated users to inject malicious scripts through manipulated input fields. These vulnerabilities can be exploited via user profile attributes, including IMG elements, posing a significant risk to the integrity and security of user data.

References

http://seclists.org/bugtraq/2016/Jul/119
mailing-listx_refsource_BUGTRAQ
https://download.novell.com/Download?buildid=3V-3ArYN85I~
x_refsource_CONFIRM
https://www.exploit-db.com/exploits/40161/
exploitx_refsource_EXPLOIT-DB

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.