Multiple cross-site scripting (XSS) vulnerabilities in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow (1) remote Xymon clients to inject arbitrary web script or HTML via a status message, which is not properly handled in the "detailed status" page, or (2) remote authenticated users to inject arbitrary web script or HTML via an acknowledgement message, which is not properly handled in the "status" page.
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.1.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.1.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.1.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.1.2-p1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.1.2-p2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.2-alfa"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.2-beta20060605"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.2-rc20060712"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.2.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.2.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.2.2-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.2.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.2.3-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.0-beta1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.0-beta2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.0-beta3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.0-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.9"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.11"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.12"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.14"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.15"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.16"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.17"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.18"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.19"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.19-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.20"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.21"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.22"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.23"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.3.24"
}
]
}
]
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-2058.json"