The UAA OAuth approval pages in Cloud Foundry v208 to v231, Login-server v1.6 to v1.14, UAA v2.0.0 to v2.7.4.1, UAA v3.0.0 to v3.2.0, UAA-Release v2 to v7 and Pivotal Elastic Runtime 1.6.x versions prior to 1.6.20 are vulnerable to a cross-site scripting (XSS) attack in which malicious JavaScript content is specified in either the OAuth scopes (SCIM groups) or the SCIM group descriptions.
{
"versions": [
{
"introduced": "0"
},
{
"last_affected": "208"
},
{
"introduced": "0"
},
{
"last_affected": "209"
},
{
"introduced": "0"
},
{
"last_affected": "210"
},
{
"introduced": "0"
},
{
"last_affected": "211"
},
{
"introduced": "0"
},
{
"last_affected": "212"
},
{
"introduced": "0"
},
{
"last_affected": "213"
},
{
"introduced": "0"
},
{
"last_affected": "214"
},
{
"introduced": "0"
},
{
"last_affected": "215"
},
{
"introduced": "0"
},
{
"last_affected": "217"
},
{
"introduced": "0"
},
{
"last_affected": "218"
},
{
"introduced": "0"
},
{
"last_affected": "219"
},
{
"introduced": "0"
},
{
"last_affected": "220"
},
{
"introduced": "0"
},
{
"last_affected": "221"
},
{
"introduced": "0"
},
{
"last_affected": "222"
},
{
"introduced": "0"
},
{
"last_affected": "223"
},
{
"introduced": "0"
},
{
"last_affected": "224"
},
{
"introduced": "0"
},
{
"last_affected": "225"
},
{
"introduced": "0"
},
{
"last_affected": "226"
},
{
"introduced": "0"
},
{
"last_affected": "227"
},
{
"introduced": "0"
},
{
"last_affected": "228"
},
{
"introduced": "0"
},
{
"last_affected": "229"
},
{
"introduced": "0"
},
{
"last_affected": "230"
},
{
"introduced": "0"
},
{
"last_affected": "231"
},
{
"introduced": "0"
},
{
"last_affected": "241"
}
]
}{
"versions": [
{
"introduced": "0"
},
{
"last_affected": "1.6.0"
},
{
"introduced": "0"
},
{
"last_affected": "1.6.1"
},
{
"introduced": "0"
},
{
"last_affected": "1.6.2"
},
{
"introduced": "0"
},
{
"last_affected": "1.6.3"
},
{
"introduced": "0"
},
{
"last_affected": "1.6.4"
},
{
"introduced": "0"
},
{
"last_affected": "1.6.5"
},
{
"introduced": "0"
},
{
"last_affected": "2.7.4.1"
},
{
"introduced": "0"
},
{
"last_affected": "3.0.0"
},
{
"introduced": "0"
},
{
"last_affected": "3.0.1"
},
{
"introduced": "0"
},
{
"last_affected": "3.1.0"
},
{
"introduced": "0"
},
{
"last_affected": "3.2.0"
}
]
}{
"versions": [
{
"introduced": "0"
},
{
"last_affected": "2"
},
{
"introduced": "0"
},
{
"last_affected": "3"
},
{
"introduced": "0"
},
{
"last_affected": "4"
},
{
"introduced": "0"
},
{
"last_affected": "5"
},
{
"introduced": "0"
},
{
"last_affected": "6"
},
{
"introduced": "0"
},
{
"last_affected": "7"
}
]
}"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-0781.json"
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "216"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.9"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.11"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.12"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.14"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.15"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.16"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.17"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.18"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.6.19"
}
]
}
]