Medium severity6.1OSV Advisory· Published Dec 9, 2016· Updated Jun 17, 2026
CVE-2016-6523
CVE-2016-6523
Description
Multiple cross-site scripting (XSS) vulnerabilities in the media manager in Dotclear before 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) q or (2) link_type parameter to admin/media.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
5- www.openwall.com/lists/oss-security/2016/08/02/13nvdPatchThird Party Advisory
- www.openwall.com/lists/oss-security/2016/08/02/3nvdPatchThird Party Advisory
- hg.dotclear.org/dotclear/rev/40d0207e520dnvdPatchVendor Advisory
- www.securityfocus.com/bid/92272nvdThird Party AdvisoryVDB Entry
- hg.dotclear.org/dotclear/file/18dc878c1178/CHANGELOGnvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.