{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T20:50:31.004","vulnerabilities":[{"cve":{"id":"CVE-2016-8639","sourceIdentifier":"secalert@redhat.com","published":"2018-08-01T13:29:00.310","lastModified":"2024-11-21T02:59:44.487","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"It was found that foreman before 1.13.0 is vulnerable to a stored XSS via an organization or location name. This could allow an attacker with privileges to set the organization or location name to display arbitrary HTML including scripting code within the web interface."},{"lang":"es","value":"Se ha detectado que Foreman en versiones anteriores a la 1.13.0 es vulnerable a Cross-Site Scripting (XSS) persistente mediante un nombre de organización o ubicación. Esto podría permitir que un atacante con privilegios para establecer el nombre de organización o ubicación muestre HTML arbitrario, incluyendo código de scripting en la interfaz web."}],"metrics":{"cvssMetricV30":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*","versionEndExcluding":"1.13.0","matchCriteriaId":"C11647E6-560E-4814-86F7-950FDC60A66D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:6.3:*:*:*:*:*:*:*","matchCriteriaId":"87F6E32E-6AF3-489A-AFEF-D5309E0D1779"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite_capsule:6.3:*:*:*:*:*:*:*","matchCriteriaId":"85FB21E6-FFBC-4286-959E-7418C6A356E9"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/94263","source":"secalert@redhat.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2018:0336","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8639","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/theforeman/foreman/pull/3523","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://projects.theforeman.org/issues/15037","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/94263","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2018:0336","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8639","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/theforeman/foreman/pull/3523","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://projects.theforeman.org/issues/15037","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}