Vulnerability-Lookup

CVE-2016-8506 (GCVE-0-2016-8506)

Vulnerability from cvelistv5 – Published: 2016-10-26 18:00 – Updated: 2024-08-06 02:27

Summary

XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code.

Severity

6.1 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

Yandex Browser Translater XSS

Assigner

yandex

References

2 references

URL	Tags
https://browser.yandex.com/security/changelogs/	x_refsource_CONFIRM
http://www.securityfocus.com/bid/93927	vdb-entryx_refsource_BID

Impacted products

1 product

Vendor	Product	Version
Yandex N.V.	Yandex Browser for desktop	Affected: 15.12 to 16.2 for OSx and Linux

Date Public

2016-10-25 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:27:40.870Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://browser.yandex.com/security/changelogs/"
          },
          {
            "name": "93927",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93927"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Yandex Browser for desktop",
          "vendor": "Yandex N.V.",
          "versions": [
            {
              "status": "affected",
              "version": "15.12 to 16.2 for OSx and Linux"
            }
          ]
        }
      ],
      "datePublic": "2016-10-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Yandex Browser Translater XSS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01.000Z",
        "orgId": "a51c9250-e584-488d-808b-03e6f1386796",
        "shortName": "yandex"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://browser.yandex.com/security/changelogs/"
        },
        {
          "name": "93927",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93927"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "browser-security@yandex-team.ru",
          "ID": "CVE-2016-8506",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Yandex Browser for desktop",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "15.12 to 16.2 for OSx and Linux"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Yandex N.V."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Yandex Browser Translater XSS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://browser.yandex.com/security/changelogs/",
              "refsource": "CONFIRM",
              "url": "https://browser.yandex.com/security/changelogs/"
            },
            {
              "name": "93927",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93927"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a51c9250-e584-488d-808b-03e6f1386796",
    "assignerShortName": "yandex",
    "cveId": "CVE-2016-8506",
    "datePublished": "2016-10-26T18:00:00.000Z",
    "dateReserved": "2016-10-07T00:00:00.000Z",
    "dateUpdated": "2024-08-06T02:27:40.870Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2016-8506",
      "date": "2026-06-08",
      "epss": "0.00229",
      "percentile": "0.45757"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:yandex:yandex_browser:15.2.2214.3645:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85BD2680-01D4-4B05-9358-EB550E91A9FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:yandex:yandex_browser:15.4.2272.3429:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00F9C181-CEDC-4E2C-8776-31C56B950D41\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:yandex:yandex_browser:15.6.2311.5029:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8D32042-ECD2-4D04-ADFB-4C45F22E7977\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:yandex:yandex_browser:15.12.0.6151:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"728028D5-E37F-41A2-BDCF-1F700DB1C313\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:yandex:yandex_browser:15.12.1.6475:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02ADC9FA-45D1-4D84-B330-E60D6FCF3680\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:yandex:yandex_browser:16.2.0.3539:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A340C337-7203-4817-AE86-6B767C03B1F9\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code.\"}, {\"lang\": \"es\", \"value\": \"XSS en Yandex Browser Translator en navegador Yandex para escritorio para versiones desde 15.12 hasta 16.2 podr\\u00eda ser usado por atacantes remotos para una evaluaci\\u00f3n arbitraria de un c\\u00f3digo javascript.\"}]",
      "id": "CVE-2016-8506",
      "lastModified": "2024-11-21T02:59:29.920",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2016-10-26T18:59:08.533",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/93927\", \"source\": \"browser-security@yandex-team.ru\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://browser.yandex.com/security/changelogs/\", \"source\": \"browser-security@yandex-team.ru\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/93927\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://browser.yandex.com/security/changelogs/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "browser-security@yandex-team.ru",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-8506\",\"sourceIdentifier\":\"browser-security@yandex-team.ru\",\"published\":\"2016-10-26T18:59:08.533\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code.\"},{\"lang\":\"es\",\"value\":\"XSS en Yandex Browser Translator en navegador Yandex para escritorio para versiones desde 15.12 hasta 16.2 podr\u00eda ser usado por atacantes remotos para una evaluaci\u00f3n arbitraria de un c\u00f3digo javascript.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yandex:yandex_browser:15.2.2214.3645:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85BD2680-01D4-4B05-9358-EB550E91A9FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yandex:yandex_browser:15.4.2272.3429:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00F9C181-CEDC-4E2C-8776-31C56B950D41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yandex:yandex_browser:15.6.2311.5029:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8D32042-ECD2-4D04-ADFB-4C45F22E7977\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yandex:yandex_browser:15.12.0.6151:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"728028D5-E37F-41A2-BDCF-1F700DB1C313\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yandex:yandex_browser:15.12.1.6475:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02ADC9FA-45D1-4D84-B330-E60D6FCF3680\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yandex:yandex_browser:16.2.0.3539:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A340C337-7203-4817-AE86-6B767C03B1F9\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/93927\",\"source\":\"browser-security@yandex-team.ru\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://browser.yandex.com/security/changelogs/\",\"source\":\"browser-security@yandex-team.ru\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/93927\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://browser.yandex.com/security/changelogs/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}"
  }
}

BDU:2022-03576

Vulnerability from fstec - Published: 26.10.2016

Title

Уязвимость расширения Переводчик браузера Yandex Browser, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)

Description

Уязвимость расширения Переводчик браузера Yandex Browser существует из-за непринятия мер по защите структуры веб-страницы. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, провести атаку межсайтового скриптинга (XSS)

Severity


                    
                      AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Vendor

ООО «Яндекс»

Software Name

Яндекс Бразуер

Software Version

до 16.2 (Яндекс Бразуер)

Possible Mitigations

Использование рекомендаций: https://yandex.com/bugbounty/i/hall-of-fame-browser/

Reference

https://yandex.com/bugbounty/i/hall-of-fame-browser/

CWE

CWE-79

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u042f\u043d\u0434\u0435\u043a\u0441\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 16.2 (\u042f\u043d\u0434\u0435\u043a\u0441 \u0411\u0440\u0430\u0437\u0443\u0435\u0440)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://yandex.com/bugbounty/i/hall-of-fame-browser/",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "26.10.2016",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "22.06.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "22.06.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-03576",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2016-8506",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u042f\u043d\u0434\u0435\u043a\u0441 \u0411\u0440\u0430\u0437\u0443\u0435\u0440",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u041f\u0435\u0440\u0435\u0432\u043e\u0434\u0447\u0438\u043a \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Yandex Browser, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0443 \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0438\u043d\u0433\u0430 (XSS)",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435 \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b (\u0438\u043b\u0438 \\\u00ab\u041c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u0430\u044f \u0441\u0446\u0435\u043d\u0430\u0440\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430\\\u00bb) (CWE-79)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u041f\u0435\u0440\u0435\u0432\u043e\u0434\u0447\u0438\u043a \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Yandex Browser \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u044f \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0443 \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0438\u043d\u0433\u0430 (XSS)",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://yandex.com/bugbounty/i/hall-of-fame-browser/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-79",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,4)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,1)"
}

CNVD-2016-10248

Vulnerability from cnvd - Published: 2016-10-28

Title

Yandex Browser for desktop Yandex Browser Translator跨站脚本漏洞

Description

Yandex Browser for desktop是俄罗斯Yandex公司的一款桌面版浏览器。Yandex Browser Translator是其中的一个翻译应用。 Yandex Browser for desktop 15.12至16.2版本中的Yandex Browser Translator存在跨站脚本漏洞。远程攻击者可利用该漏洞执行任意Javascript代码。

Severity

中

Patch Name

Yandex Browser for desktop Yandex Browser Translator跨站脚本漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://browser.yandex.com/security/changelogs/

Reference

https://browser.yandex.com/security/changelogs/

Impacted products

Name
['Yandex Browser 16.1', 'Yandex Browser 16.0', 'Yandex Browser 15.12']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "93927"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-8506"
    }
  },
  "description": "Yandex Browser for desktop\u662f\u4fc4\u7f57\u65afYandex\u516c\u53f8\u7684\u4e00\u6b3e\u684c\u9762\u7248\u6d4f\u89c8\u5668\u3002Yandex Browser Translator\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u7ffb\u8bd1\u5e94\u7528\u3002\r\n\r\nYandex Browser for desktop 15.12\u81f316.2\u7248\u672c\u4e2d\u7684Yandex Browser Translator\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610fJavascript\u4ee3\u7801\u3002",
  "discovererName": "Thereissuchname",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://browser.yandex.com/security/changelogs/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-10248",
  "openTime": "2016-10-28",
  "patchDescription": "Yandex Browser for desktop\u662f\u4fc4\u7f57\u65afYandex\u516c\u53f8\u7684\u4e00\u6b3e\u684c\u9762\u7248\u6d4f\u89c8\u5668\u3002Yandex Browser Translator\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u7ffb\u8bd1\u5e94\u7528\u3002\r\n\r\nYandex Browser for desktop 15.12\u81f316.2\u7248\u672c\u4e2d\u7684Yandex Browser Translator\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610fJavascript\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Yandex Browser for desktop Yandex Browser Translator\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Yandex Browser 16.1",
      "Yandex Browser  16.0",
      "Yandex Browser  15.12"
    ]
  },
  "referenceLink": "https://browser.yandex.com/security/changelogs/",
  "serverity": "\u4e2d",
  "submitTime": "2016-10-28",
  "title": "Yandex Browser for desktop Yandex Browser Translator\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e"
}

FKIE_CVE-2016-8506

Vulnerability from fkie_nvd - Published: 2016-10-26 18:59 - Updated: 2026-05-06 22:30

Severity

6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code.

References

URL	Tags
browser-security@yandex-team.ru	http://www.securityfocus.com/bid/93927	Third Party Advisory, VDB Entry
browser-security@yandex-team.ru	https://browser.yandex.com/security/changelogs/	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/93927	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://browser.yandex.com/security/changelogs/	Release Notes, Vendor Advisory

Impacted products

Vendor	Product	Version
yandex	yandex_browser	15.2.2214.3645
yandex	yandex_browser	15.4.2272.3429
yandex	yandex_browser	15.6.2311.5029
yandex	yandex_browser	15.12.0.6151
yandex	yandex_browser	15.12.1.6475
yandex	yandex_browser	16.2.0.3539

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yandex:yandex_browser:15.2.2214.3645:*:*:*:*:*:*:*",
              "matchCriteriaId": "85BD2680-01D4-4B05-9358-EB550E91A9FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yandex:yandex_browser:15.4.2272.3429:*:*:*:*:*:*:*",
              "matchCriteriaId": "00F9C181-CEDC-4E2C-8776-31C56B950D41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yandex:yandex_browser:15.6.2311.5029:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8D32042-ECD2-4D04-ADFB-4C45F22E7977",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yandex:yandex_browser:15.12.0.6151:*:*:*:*:*:*:*",
              "matchCriteriaId": "728028D5-E37F-41A2-BDCF-1F700DB1C313",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yandex:yandex_browser:15.12.1.6475:*:*:*:*:*:*:*",
              "matchCriteriaId": "02ADC9FA-45D1-4D84-B330-E60D6FCF3680",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yandex:yandex_browser:16.2.0.3539:*:*:*:*:*:*:*",
              "matchCriteriaId": "A340C337-7203-4817-AE86-6B767C03B1F9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code."
    },
    {
      "lang": "es",
      "value": "XSS en Yandex Browser Translator en navegador Yandex para escritorio para versiones desde 15.12 hasta 16.2 podr\u00eda ser usado por atacantes remotos para una evaluaci\u00f3n arbitraria de un c\u00f3digo javascript."
    }
  ],
  "id": "CVE-2016-8506",
  "lastModified": "2026-05-06T22:30:45.220",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-10-26T18:59:08.533",
  "references": [
    {
      "source": "browser-security@yandex-team.ru",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/93927"
    },
    {
      "source": "browser-security@yandex-team.ru",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://browser.yandex.com/security/changelogs/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/93927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://browser.yandex.com/security/changelogs/"
    }
  ],
  "sourceIdentifier": "browser-security@yandex-team.ru",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-4887-46JH-42CG

Vulnerability from github – Published: 2022-05-17 03:35 – Updated: 2025-04-12 13:06

Details

XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code.

Severity

6.1 (Medium)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-8506"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-10-26T18:59:00Z",
    "severity": "MODERATE"
  },
  "details": "XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code.",
  "id": "GHSA-4887-46jh-42cg",
  "modified": "2025-04-12T13:06:03Z",
  "published": "2022-05-17T03:35:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8506"
    },
    {
      "type": "WEB",
      "url": "https://browser.yandex.com/security/changelogs"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/93927"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2016-8506

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code.

Aliases

CVE-2016-8506

Aliases

CVE-2016-8506

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-8506",
    "description": "XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code.",
    "id": "GSD-2016-8506"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-8506"
      ],
      "details": "XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code.",
      "id": "GSD-2016-8506",
      "modified": "2023-12-13T01:21:22.730025Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "browser-security@yandex-team.ru",
        "ID": "CVE-2016-8506",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Yandex Browser for desktop",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "15.12 to 16.2 for OSx and Linux"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Yandex N.V."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Yandex Browser Translater XSS"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://browser.yandex.com/security/changelogs/",
            "refsource": "CONFIRM",
            "url": "https://browser.yandex.com/security/changelogs/"
          },
          {
            "name": "93927",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/93927"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:yandex:yandex_browser:15.4.2272.3429:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yandex:yandex_browser:15.2.2214.3645:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yandex:yandex_browser:15.12.1.6475:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yandex:yandex_browser:15.6.2311.5029:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yandex:yandex_browser:16.2.0.3539:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yandex:yandex_browser:15.12.0.6151:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "browser-security@yandex-team.ru",
          "ID": "CVE-2016-8506"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://browser.yandex.com/security/changelogs/",
              "refsource": "CONFIRM",
              "tags": [
                "Release Notes",
                "Vendor Advisory"
              ],
              "url": "https://browser.yandex.com/security/changelogs/"
            },
            {
              "name": "93927",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/93927"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2016-12-02T23:48Z",
      "publishedDate": "2016-10-26T18:59Z"
    }
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-8506 (GCVE-0-2016-8506)

BDU:2022-03576

CNVD-2016-10248

FKIE_CVE-2016-8506

GHSA-4887-46JH-42CG

GSD-2016-8506

Tags

Sightings

Nomenclature