CVE-2016-6519

NameCVE-2016-6519
DescriptionCross-site scripting (XSS) vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs838017

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
manila-ui (PTS)bullseye4.0.0-2fixed
bookworm8.0.0-2fixed
sid, trixie12.0.0-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
manila-uisource(unstable)2.5.1-0838017

Search for package or bug name: Reporting problems