VYPR
Medium severity6.1NVD Advisory· Published Aug 31, 2017· Updated Jun 17, 2026

CVE-2016-10510

CVE-2016-10510

Description

Cross-site scripting (XSS) vulnerability in the Security component of Kohana before 3.3.6 allows remote attackers to inject arbitrary web script or HTML by bypassing the strip_image_tags protection mechanism in system/classes/Kohana/Security.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:kohanaframework:kohana:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:kohanaframework:kohana:*:*:*:*:*:*:*:*range: <=3.3.5
    • (no CPE)range: <3.3.6
  • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.