CVE-2016-6519

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-6519
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-6519.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-6519
Aliases
Downstream
Related
Published
2017-04-21T15:59:00Z
Modified
2025-07-01T03:17:33.518148Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Cross-site scripting (XSS) vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form.

References

Affected packages

Debian:11 / manila-ui

Package

Name
manila-ui
Purl
pkg:deb/debian/manila-ui?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.5.1-0

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / manila-ui

Package

Name
manila-ui
Purl
pkg:deb/debian/manila-ui?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.5.1-0

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / manila-ui

Package

Name
manila-ui
Purl
pkg:deb/debian/manila-ui?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.5.1-0

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Git / github.com/openstack/manila

Affected ranges

Type
GIT
Repo
https://github.com/openstack/manila
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a17c89ff0875305e4e90ccc45a696aae9d3864dd

Affected versions

1.*

1.0.0
1.0.0.0b1
1.0.0.0b2
1.0.0.0b3
1.0.0.0rc1
1.0.0.0rc2
1.0.0.0rc3
1.0.0a0

2.*

2.0.0
2.0.0.0b1
2.0.0.0b2
2.0.0.0b3
2.0.0.0rc1

2014.*

2014.2
2014.2.b3
2014.2.rc1
2014.2.rc2

2015.*

2015.1.0
2015.1.0b1
2015.1.0b2
2015.1.0b3
2015.1.0rc1
2015.1.0rc2

3.*

3.0.0
3.0.0.0b1
3.0.0.0b2
3.0.0.0b3
3.0.0.0rc1

4.*

4.0.0.0b1
4.0.0.0b2
4.0.0.0b3
4.0.0.0rc1

5.*

5.0.0
5.0.0.0b1
5.0.0.0b2
5.0.0.0b3
5.0.0.0rc1

6.*

6.0.0.0b1
6.0.0.0b2
6.0.0.0b3
6.0.0.0rc1

7.*

7.0.0
7.0.0.0b1
7.0.0.0b2
7.0.0.0b3
7.0.0.0rc1