VYPR
Medium severity (CVSS 5.4) · NVD Advisory · Published Sep 26, 2016 · Updated May 6, 2026

CVE-2016-6913

Description

Cross-site scripting (XSS) vulnerability in AlienVault OSSIM before 5.3 and USM before 5.3 allows remote attackers to inject arbitrary web script or HTML via the back parameter to ossim/conf/reload.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

CVE-2016-6913 is a DOM-based XSS in AlienVault OSSIM/USM through 5.2, where the `back` parameter in `/ossim/conf/reload.php` is not sanitized.

Vulnerability

CVE-2016-6913 is a DOM-based cross-site scripting vulnerability in AlienVault OSSIM and USM versions 5.2 and earlier [1]. The flaw resides in the /ossim/conf/reload.php script. The application fails to properly validate or sanitize user-supplied input passed via the HTTP GET parameter back. This unsanitized input is embedded into a JavaScript context on the page, allowing an attacker to inject arbitrary script code into the document.location.href property [1]. The affected products include AlienVault OSSIM 5.2 and USM 5.2; older versions may also be vulnerable [1].
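The two controls a fix for this class of bug needs, written as an added illustration (not AlienVault's code, whose patched source is not quoted here): the `back` value is restricted to a same-application path, and whatever is written into the script block is serialized as a JavaScript string literal rather than concatenated. The sample values, `DEFAULT_BACK`, and the `/ossim/...` path are constructed for the example; only the advisory's payload comes from the page.

```javascript
// Added illustration for CVE-2016-6913, not the vendor's code.
// Constructed sample values: the advisory's payload (URL-decoded), a benign
// same-application path, and two shapes an open redirect would accept.
const SAMPLE_BACK_VALUES = {
  benign: "/ossim/some_page.php?what=policies",  // constructed path
  advisoryPayload: "\\'';alert(/XSS/);//",       // decoded \'%27;alert(/XSS/);//
  protocolRelative: "//evil.example/",
  absolute: "https://evil.example/",
};

const DEFAULT_BACK = "/ossim/";  // constructed fallback target

// Control 1: allowlist the redirect target. Accept only a rooted path with no
// scheme, no "//" prefix and a conservative character set; anything else is
// replaced by a fixed default instead of being reflected into the page.
function safeBackTarget(raw) {
  if (typeof raw !== "string") return DEFAULT_BACK;
  const ok = /^\/(?!\/)[A-Za-z0-9_\/.-]*(\?[A-Za-z0-9_=&.-]*)?$/.test(raw);
  return ok ? raw : DEFAULT_BACK;
}

// Control 2: serialize for a <script> context. JSON.stringify yields a proper
// JS string literal (quotes AND backslashes are escaped, so a leading "\" in
// the input cannot neutralise the quoting the way it does with quote-only
// escaping); the extra replacements stop "</script>" from closing the block
// and keep U+2028/U+2029 from terminating the literal.
function toJsLiteral(value) {
  return JSON.stringify(String(value))
    .replace(/</g, "\\u003c")
    .replace(/>/g, "\\u003e")
    .replace(/&/g, "\\u0026")
    .replace(/\u2028/g, "\\u2028")
    .replace(/\u2029/g, "\\u2029");
}

// The single line of script the page would emit for a given raw "back" value.
function buildRedirectScript(raw) {
  return "document.location.href = " + toJsLiteral(safeBackTarget(raw)) + ";";
}

// Check: evaluating the emitted literal on its own must give back exactly the
// input string, i.e. it parses as one expression and not as extra statements.
function literalRoundTrips(value) {
  return new Function("return " + toJsLiteral(value) + ";")() === String(value);
}
```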

Exploitation

An attacker must be authenticated to the AlienVault web interface [1]. No additional privileges are required beyond a valid session. The attacker crafts a malicious URL containing a payload in the back parameter, for example: https://target/ossim/conf/reload.php?what=policies&back=\'%27;alert(/XSS/);// [1]. When a victim user clicks such a link (or is redirected to it), the injected JavaScript executes in the context of the victim's browser session [1]. The exploitation does not require user interaction beyond following the crafted link.

Impact

Successful exploitation allows the attacker to execute arbitrary JavaScript in the browser of an authenticated user, leading to potential theft of session cookies, redirection to malicious sites, or defacement of the web interface [1]. The attack is limited to the scope of the OSSIM/USM web application and requires an authenticated session, reducing the severity compared to unauthenticated XSS [1]. The CVSS v3 score is 5.4 (Medium), reflecting the need for authentication and user interaction for some impact scenarios [1].

Mitigation

The vulnerability is fixed in AlienVault OSSIM and USM version 5.3 [1]. The vendor released this version on an unspecified date prior to the public disclosure on 2016-08-23 [1]. Users are advised to upgrade to version 5.3 or later. No known workarounds were provided for users unable to upgrade [1]. The vulnerability is not listed in the CISA KEV catalog.

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
