Published: 24/05/2019 Updated: 03/06/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

It exists that Doxygen incorrectly handled certain queries. An attacker could possibly use this issue to execute arbitrary code and compromise sensitive information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
doxygen doxygen

Synopsis Low: doxygen security and bug fix update Type/Severity Security Advisory: Low Topic An update for doxygen is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) base score, which ...

Doxygen could be made to run scripts as your login if it received a specially crafted query ...

Insufficient sanitization of the query parameter in templates/html/search_opensearchphp could lead to reflected cross-site scripting or iframe injection (CVE-2016-10245) ...

Impact: Low Public Date: 2019-05-24 CWE: CWE-352 Bugzilla: 1714190: CVE-2016-10245 doxygen: cross-site ...

CWE-79 https://github.com/doxygen/doxygen/commit/1cc1adad2de03a0f013881b8960daf89aa155081 https://bugzilla.gnome.org/show_bug.cgi?id=762934 http://www.stack.nl/~dimitri/doxygen/manual/changelog.html#log_1_8_12 http://www.securityfocus.com/bid/108476 https://lists.debian.org/debian-lts-announce/2019/05/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00000.html https://usn.ubuntu.com/4002-1/https://access.redhat.com/errata/RHSA-2020:1034 https://usn.ubuntu.com/4002-1/https://nvd.nist.gov

CVE-2016-10245

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect