VWE-2016-2072 Printable Version

https://www.vaultwiki.org/pages/Book/Documentation/VWE-2016-2072
This page is a chapter in Info Known Vulnerabilities

This page has been seen 243,492 times.

- Created by
  pegasus
  on January 21, 2016
  
  Last updated by
  pegasus
  on February 16, 2017

Common Name Relative Vulnerability
VWE-ID VWE-2016-2072
Related Report None
Severity HIGH
Exploit Difficulty EASY
Platform Affects all platforms supported by the vulnerable versions.
Description HTML/Javascript injection.

Discovered January 19, 2016
Resolved January 21, 2016
Patches Available 4.0.8 Patch Level 1
4.0.7 Patch Level 2
4.0.6 Patch Level 5
4.0.5 Patch Level 5
4.0.4 Patch Level 5
4.0.3 Patch Level 5
4.0.2 Patch Level 8
4.0.1 Patch Level 11
The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.

Common Name	Relative Vulnerability
VWE-ID	VWE-2016-2072
Related Report	None
Severity	HIGH
Exploit Difficulty	EASY
Platform	Affects all platforms supported by the vulnerable versions.
Description	HTML/Javascript injection.
Discovered	January 19, 2016
Resolved	January 21, 2016
Patches Available	4.0.8 Patch Level 1 4.0.7 Patch Level 2 4.0.6 Patch Level 5 4.0.5 Patch Level 5 4.0.4 Patch Level 5 4.0.3 Patch Level 5 4.0.2 Patch Level 8 4.0.1 Patch Level 11