CVE-2016-15008 LOW

CVE-2016-15008: oxguy3 coebot-www channel.js showChannelBoir cross site scripting

Vendor Oxguy3
Product coebot-www
Weakness CWE-79 · XSS
Published January 4, 2023
Last update August 6, 2024

CVSS base score

3.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability was found in oxguy3 coebot-www and classified as problematic. This issue affects the function displayChannelCommands/displayChannelQuotes/displayChannelAutoreplies/showChannelHighlights/showChannelBoir of the file js/channel.js. The manipulation leads to cross site scripting. The attack may be initiated remotely. The patch is named c1a6c44092585da4236237e0e7da94ee2996a0ca. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217355.

Key dates

02Disclosure timeline

January 4, 2023 CVE published
August 6, 2024 Record updated

Related vulnerabilities

04Related CVE