CVE-2016-1926
26.01.2016, 19:59
Cross-site scripting (XSS) vulnerability in the charts module in Greenbone Security Assistant (GSA) 6.x before 6.0.8 allows remote attackers to inject arbitrary web script or HTML via the aggregate_type parameter in a get_aggregate command to omp.
Cross-site Scripting
Vendor | Product | Version |
---|---|---|
greenbone | greenbone_security_assistant | 6.0.0 |
greenbone | greenbone_security_assistant | 6.0.1 |
greenbone | greenbone_security_assistant | 6.0.2 |
greenbone | greenbone_security_assistant | 6.0.3 |
greenbone | greenbone_security_assistant | 6.0.4 |
greenbone | greenbone_security_assistant | 6.0.5 |
greenbone | greenbone_security_assistant | 6.0.6 |
greenbone | greenbone_security_assistant | 6.0.7 |
greenbone | greenbone_os | 3.1.1 |
greenbone | greenbone_os | 3.1.6 |
greenbone | greenbone_os | 3.1.7 |
greenbone | greenbone_os | 3.1.8 |
greenbone | greenbone_os | 3.1.9 |
greenbone | greenbone_os | 3.1.10 |
greenbone | greenbone_os | 3.1.11 |
greenbone | greenbone_os | 3.1.12 |
greenbone | greenbone_os | 3.1.13 |
greenbone | greenbone_os | 3.1.14 |
greenbone | greenbone_os | 3.1.15 |
greenbone | greenbone_os | 3.1.16 |
greenbone | greenbone_os | 3.1.17 |
greenbone | greenbone_os | 3.1.18 |
greenbone | greenbone_os | 3.1.19 |
greenbone | greenbone_os | 3.1.20 |
greenbone | greenbone_os | 3.1.21 |
greenbone | greenbone_os | 3.1.22 |
greenbone | greenbone_os | 3.1.23 |
𝑥
= Vulnerable software versions
References