Home

CVE-2016-2163

Description

Cross-site scripting (XSS) vulnerability in Apache OpenMeetings before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the event description when creating an event.

Risk Information

Base Score
6.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
2.728

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2016-2163,CVE-2016-2164 are fixed in Apache - openmeetings-parent 3.1.1Windows
Vulnerabilities CVE-2016-2163,CVE-2016-2164 are fixed in Apache - openmeetings-parent for Linux 3.1.1Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234