Medium severity6.1NVD Advisory· Published May 24, 2019· Updated Jun 17, 2026
CVE-2016-10245
CVE-2016-10245
Description
Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- osv-coords6 versionspkg:rpm/suse/doxygen&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/doxygen&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/doxygen&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/doxygen&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/doxygen&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3pkg:rpm/suse/doxygen&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4
< 1.8.6-3.3.1+ 5 more
- (no CPE)range: < 1.8.6-3.3.1
- (no CPE)range: < 1.8.6-3.3.1
- (no CPE)range: < 1.8.6-3.3.1
- (no CPE)range: < 1.8.6-3.3.1
- (no CPE)range: < 1.8.6-3.3.1
- (no CPE)range: < 1.8.6-3.3.1
Patches
Vulnerability mechanics
References
7- github.com/doxygen/doxygen/commit/1cc1adad2de03a0f013881b8960daf89aa155081nvdPatchThird Party Advisory
- www.securityfocus.com/bid/108476nvdThird Party AdvisoryVDB Entry
- bugzilla.gnome.org/show_bug.cginvdIssue TrackingThird Party Advisory
- www.stack.nl/~dimitri/doxygen/manual/changelog.htmlnvdBroken Link
- lists.opensuse.org/opensuse-security-announce/2019-06/msg00000.htmlnvd
- lists.debian.org/debian-lts-announce/2019/05/msg00046.htmlnvd
- usn.ubuntu.com/4002-1/nvd
News mentions
0No linked articles in our index yet.