Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-8019

CWE-79Cross-site Scripting (XSS)4 documents4 sources
Severity
6.1MEDIUM
EPSS
1.3%
top 20.03%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Mcafee Virusscan EnterpriseIntel Virusscan Enterprise Linux (vsel)
Timeline
PublishedMar 14
Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

CVEListV5intel/virusscan_enterprise_linux_(vsel)2.0.3 (and earlier)

🔴Vulnerability Details

2
GHSA
GHSA-4vmv-cqg4-7f3q: Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 22022-05-17
CVEList
CVE-2016-8019: Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 22017-03-14

💥Exploits & PoCs

1
Exploit-DB
McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution2016-12-13
CVE-2016-8019 (MEDIUM CVSS 6.1) | Cross-site scripting (XSS) vulnerab | cvebase.io