{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T10:19:51.035","vulnerabilities":[{"cve":{"id":"CVE-2016-3196","sourceIdentifier":"cve@mitre.org","published":"2016-08-05T14:59:06.547","lastModified":"2025-04-12T10:46:40.837","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Fortinet FortiAnalyzer 5.x before 5.0.12 and 5.2.x before 5.2.6 and FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.6 allows remote authenticated users to inject arbitrary web script or HTML via the filename of an image uploaded in the report section."},{"lang":"es","value":"Vulnerabilidad de XSS en Fortinet FortiAnalyzer 5.x en versiones anteriores a 5.0.12 y 5.2.x en versiones anteriores a 5.2.6 y FortiManager 5.x en versiones anteriores a 5.0.12 y 5.2.x en versiones anteriores a 5.2.6 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través del nombre de archivo de una imagen cargada en la sección del informe."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortimanager_firmware:5.0.3:*:*:*:*:*:*:*","matchCriteriaId":"83ADE078-F9B6-4E46-89AB-F9DE3A2EAF06"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortimanager_firmware:5.0.4:*:*:*:*:*:*:*","matchCriteriaId":"A5DF6CBD-E8D8-40B7-9512-CD739D6FA918"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortimanager_firmware:5.0.5:*:*:*:*:*:*:*","matchCriteriaId":"42304E1B-C9BF-4CCE-A5C7-4FAC7E4C87E3"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortimanager_firmware:5.0.6:*:*:*:*:*:*:*","matchCriteriaId":"34B83D3F-23C8-4781-887C-1876B103A4B2"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortimanager_firmware:5.0.7:*:*:*:*:*:*:*","matchCriteriaId":"BC2F75CB-BC6D-434A-84C8-6290F4B6E8B1"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortimanager_firmware:5.0.8:*:*:*:*:*:*:*","matchCriteriaId":"AB152570-F07F-4706-9717-D31F5F31CDE4"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortimanager_firmware:5.0.9:*:*:*:*:*:*:*","matchCriteriaId":"C2A3410C-E673-49C1-AA2C-2BD77C68DCA6"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortimanager_firmware:5.0.10:*:*:*:*:*:*:*","matchCriteriaId":"6AFEA22C-D661-4859-86CE-329D23E3EF87"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortimanager_firmware:5.2.0:*:*:*:*:*:*:*","matchCriteriaId":"72523D47-A6FA-48E8-B2D0-3563027CE35C"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortimanager_firmware:5.2.1:*:*:*:*:*:*:*","matchCriteriaId":"7FE6366D-0535-4681-90F7-3AB9386184A2"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortimanager_firmware:5.2.2:*:*:*:*:*:*:*","matchCriteriaId":"0F5BBE82-1D71-40EE-B506-1DD1066F537C"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortimanager_firmware:5.2.3:*:*:*:*:*:*:*","matchCriteriaId":"F1A2A3F2-A908-4192-8032-F8FA3310B50A"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortimanager_firmware:5.2.4:*:*:*:*:*:*:*","matchCriteriaId":"0B621447-97C3-42B4-92FF-3D5BEDE26A2F"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortimanager_firmware:5.2.5:*:*:*:*:*:*:*","matchCriteriaId":"4D281C46-3C6A-4ABA-B25C-1FA623F78566"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.0:*:*:*:*:*:*:*","matchCriteriaId":"9B83E355-BA1A-47B3-AE43-04668C87FD8D"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.1:*:*:*:*:*:*:*","matchCriteriaId":"4EBA54E4-E824-4F68-94BF-D70F5A51B40F"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.4:*:*:*:*:*:*:*","matchCriteriaId":"0C3F75D9-5719-4392-8FDE-DA1CFEE5BEFD"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.5:*:*:*:*:*:*:*","matchCriteriaId":"06360B2F-EE21-4E99-9931-E4C62B1D2C25"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortianalyzer_firmware:5.0.10:*:*:*:*:*:*:*","matchCriteriaId":"C4BA0949-E1B2-41F4-801C-1FF5FDD5FD8A"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortianalyzer_firmware:5.2.0:*:*:*:*:*:*:*","matchCriteriaId":"B27A485B-71F5-485C-9F3C-691A4F1CA5A3"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortianalyzer_firmware:5.2.1:*:*:*:*:*:*:*","matchCriteriaId":"0E098F02-C9DA-4EC9-B13C-8DFD6735615F"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortianalyzer_firmware:5.2.2:*:*:*:*:*:*:*","matchCriteriaId":"BF465F07-3786-4533-9B61-C8344DCB166F"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortianalyzer_firmware:5.2.3:*:*:*:*:*:*:*","matchCriteriaId":"D43C2347-D6F3-40A6-8E00-DD31F11A84BB"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortianalyzer_firmware:5.2.4:*:*:*:*:*:*:*","matchCriteriaId":"A48CA4D3-FBD6-4048-8FFB-C0A874402E1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortianalyzer_firmware:5.2.5:*:*:*:*:*:*:*","matchCriteriaId":"4F9636D8-7C3B-4504-9D1C-01AC471EAFAF"}]}]}],"references":[{"url":"http://fortiguard.com/advisory/fortimanager-and-fortianalyzer-persistent-xss-vulnerability","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://seclists.org/fulldisclosure/2016/Aug/4","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securityfocus.com/archive/1/539069/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/92203","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1036550","source":"cve@mitre.org"},{"url":"http://www.securitytracker.com/id/1036551","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.vulnerability-lab.com/get_content.php?id=1687","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://fortiguard.com/advisory/fortimanager-and-fortianalyzer-persistent-xss-vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://seclists.org/fulldisclosure/2016/Aug/4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securityfocus.com/archive/1/539069/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/92203","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1036550","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securitytracker.com/id/1036551","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.vulnerability-lab.com/get_content.php?id=1687","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}