CVE-2016-7103 - Medium Severity Vulnerability
Vulnerable Libraries - alquran/api-client-v1.3, media-library-assistant2.53
alquran/api-client-v1.3
AlQuran.cloud REST API Client
Library home page: https://api.github.com/repos/islamic-network/alquran-api-client-php/zipball/1708cbd02adac0b3f39b4fbbeb78b90c5b45807a
Dependency Hierarchy:
- ❌ alquran/api-client-v1.3 (Vulnerable Library)
Found in HEAD commit: 8c4d4ea25197c8d39b5b50edef9ea6842b0fc7a6
Found in base branch: master
Vulnerability Details
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
Publish Date: 2017-03-15
URL: CVE-2016-7103
CVSS 3 Score Details (6.1)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7103
Release Date: 2017-03-15
Fix Resolution: jquery-ui - 1.12.0
Step up your Open Source Security Game with Mend here
CVE-2016-7103 - Medium Severity Vulnerability
alquran/api-client-v1.3
AlQuran.cloud REST API Client
Library home page: https://api.github.com/repos/islamic-network/alquran-api-client-php/zipball/1708cbd02adac0b3f39b4fbbeb78b90c5b45807a
Dependency Hierarchy:
Found in HEAD commit: 8c4d4ea25197c8d39b5b50edef9ea6842b0fc7a6
Found in base branch: master
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
Publish Date: 2017-03-15
URL: CVE-2016-7103
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7103
Release Date: 2017-03-15
Fix Resolution: jquery-ui - 1.12.0
Step up your Open Source Security Game with Mend here