{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T15:08:20.497","vulnerabilities":[{"cve":{"id":"CVE-2016-10256","sourceIdentifier":"secure@symantec.com","published":"2018-01-10T02:29:31.833","lastModified":"2024-11-21T02:43:40.283","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Symantec ProxySG 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to inject arbitrary JavaScript code into the management console web client application. This is a separate vulnerability from CVE-2016-10257."},{"lang":"es","value":"La consola de gestión de Symantec ProxySG 6.5 (en versiones anteriores a la 6.5.10.6), 6.6 y 6.7 (en versiones anteriores a la 6.7.2.1) es susceptible de contener una vulnerabilidad de XSS reflejado. Un atacante remoto puede emplear una URL de la consola de gestión manipulada en un ataque de phishing para inyectar código JavaScript arbitrario en la aplicación del cliente web de la consola de gestión. Esta vulnerabilidad es diferente de CVE-2016-10257."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:symantec_proxysg:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5","versionEndExcluding":"6.5.10.6","matchCriteriaId":"6EB38BF8-32F4-45F5-8681-60BE4A209EF7"},{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:symantec_proxysg:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.7.2.1","matchCriteriaId":"D80D6174-972A-4E47-ABAA-1B53D03221E7"},{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:symantec_proxysg:6.6:*:*:*:*:*:*:*","matchCriteriaId":"004F99F2-E750-4FC5-A2A6-65FD1C918676"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/102451","source":"secure@symantec.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1040138","source":"secure@symantec.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.symantec.com/security-center/network-protection-security-advisories/SA155","source":"secure@symantec.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/102451","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1040138","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.symantec.com/security-center/network-protection-security-advisories/SA155","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}