CVE-2016-7103

{"id": "CVE-2016-7103", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2017-03-15T16:59:00.173", "references": [{"url": "http://rhn.redhat.com/errata/RHSA-2016-2932.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2933.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2017-0161.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/104823", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://github.com/jquery/api.jqueryui.com/issues/281", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/jquery/jquery-ui/commit/9644e7bae9116edaf8d37c5b38cb32b892f10ff6", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://jqueryui.com/changelog/1.12.0/", "tags": ["Release Notes", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2I4UHPIW26FIALH7GGZ3IYUUA53VOOJ/", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://nodesecurity.io/advisories/127", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://security.netapp.com/advisory/ntap-20190416-0007/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.drupal.org/sa-core-2022-002", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.oracle.com//security-alerts/cpujul2021.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.oracle.com/security-alerts/cpujan2022.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.tenable.com/security/tns-2016-19", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function."}, {"lang": "es", "value": "Vulnerabilidad de XSS en la interfaz de usuario de jQuery en versiones anteriores a 1.12.0 podr\u00eda permitir a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del par\u00e1metro closeText de la funci\u00f3n dialog."}], "lastModified": "2023-06-22T19:50:11.053", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3528129-B978-4520-8569-126F9219D597", "versionEndIncluding": "1.11.4", "versionStartIncluding": "1.10.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90CFEC52-A574-493E-A2AC-0EC21851BBFA", "versionEndExcluding": "19.1"}, {"criteria": "cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "77C3DD16-1D81-40E1-B312-50FBD275507C"}, {"criteria": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "81DAC8C0-D342-44B5-9432-6B88D389584F"}, {"criteria": "cpe:2.3:a:oracle:hospitality_cruise_fleet_management:9.0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03C46CCD-B49F-405A-A0A0-E0DFBA60F0D5"}, {"criteria": "cpe:2.3:a:oracle:oss_support_tools:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71CB79ED-A93E-4CBD-BCDD-82C5A00B373B", "versionEndExcluding": "2.12.42"}, {"criteria": "cpe:2.3:a:oracle:oss_support_tools:2.12.42:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "747C7295-8731-4C59-BC81-CE60C4028C23"}, {"criteria": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C060869-6873-4CC0-B140-C229818FDA5D", "versionEndIncluding": "16.2", "versionStartIncluding": "16.0"}, {"criteria": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4F41053-5656-4017-918F-AD5F31DCA453", "versionEndIncluding": "17.12.4", "versionStartIncluding": "17.0"}, {"criteria": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36FB86BE-67E5-4244-80B8-DBB54A4342F0", "versionEndIncluding": "18.8.4", "versionStartIncluding": "18.0"}, {"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D9E0011-6FF5-4C90-9780-7A1297BB09BF", "versionEndIncluding": "21.2"}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B40B13B7-68B3-4510-968C-6A730EB46462"}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C93CC705-1F8C-4870-99E6-14BF264C3811"}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F14A818F-AA16-4438-A3E4-E64C9287AC66"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DAA72A4-AC7D-4544-89D4-5B07961D5A95"}, {"criteria": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8B8C725-34CF-4340-BE7B-37E58CF706D6"}, {"criteria": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}