CVE-2016-3709

Severity

6.1MEDIUM

EPSS

0.2%

top 54.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedJul 28

Latest updateAug 4

Description

Possible cross-site scripting vulnerability in libxml after commit 960f0e2.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

▶NVDxmlsoft/libxml22.9.2 — 2.9.11

▶Debianlibxml2< 2.9.10+dfsg-6.7+deb11u5+3

▶CVEListV5libxml22.9.x

GHSA

GHSA-4p43-98m8-qxmc: Possible cross-site scripting vulnerability in libxml after commit 960f0e2↗2022-07-29

▶

CVEList

CVE-2016-3709: Possible cross-site scripting vulnerability in libxml after commit 960f0e2↗2022-07-28

▶

OSV

CVE-2016-3709: Possible cross-site scripting vulnerability in libxml after commit 960f0e2↗2022-07-28

▶

Ubuntu

libxml2 vulnerability↗2022-08-04

▶

Microsoft

Possible cross-site scripting vulnerability in libxml after commit 960f0e2.↗2022-07-12

▶

Red Hat

libxml2: Incorrect server side include parsing can lead to XSS↗2016-08-11

▶

Debian

CVE-2016-3709: libxml2 - Possible cross-site scripting vulnerability in libxml after commit 960f0e2.↗2016

▶