VYPR
Medium severity6.1NVD Advisory· Published Dec 13, 2016· Updated Jun 17, 2026

CVE-2016-5060

CVE-2016-5060

Description

Multiple cross-site scripting (XSS) vulnerabilities in nGrinder before 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) description, (2) email, or (3) username parameter to user/save.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Naver/Ngrinder2 versions
    cpe:2.3:a:naver:ngrinder:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:naver:ngrinder:*:*:*:*:*:*:*:*range: <=3.3
    • (no CPE)range: <3.4
  • NGrinder/nGrinderllm-create
    Range: <3.4

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.