CVE-2016-0927

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2016-0927

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-0927.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-0927

Published

2016-09-18T02:59:07.947Z

Modified

2026-04-10T03:46:09.638058Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Cross-site scripting (XSS) vulnerability in Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

https://pivotal.io/security/cve-2016-0927

Affected packages

Git / github.com/cloudfoundry/uaa

Affected ranges

Type

GIT

Repo

https://github.com/cloudfoundry/uaa

Events

Introduced

Last affected

ae59bf11fec166fd075b1dbead2ae16effa57e3f

Introduced

Last affected

96b1fc8e3a982b6f478e363f3919a4a16e0a6a92

Introduced

Last affected

58caa488fe3cc30f745b9f5079c42141d606436b

Introduced

Last affected

e0080f861db5b30c0793973e5c4fff7153040ecb

Introduced

Last affected

bb75c2730c921667652b4589d67bec2246b1f306

Introduced

Last affected

cde7ba5da9b64cb45bd64c61c6fb2899bbc3e0f2

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.6.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.6.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.6.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.6.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.6.5"
        }
    ]
}

Affected versions

1.*

1.0.1

1.0.3

1.1

1.1.1

1.1.2

1.2.0

1.2.6

1.4.0

1.4.1

1.4.2

1.4.3

1.4.5

1.4.6

1.4.7

1.5.0

1.5.2

1.5.2.1

1.5.3

1.5.4

1.5.4.1

1.6.0

1.6.1

1.6.2

1.6.3

1.6.4

1.6.5

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.6.6"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.6.7"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.6.8"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.6.9"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.6.10"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.6.11"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.6.12"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.6.13"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.6.14"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.6.15"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-0927.json"