Medium severity6.1NVD Advisory· Published Oct 26, 2016· Updated May 6, 2026

CVE-2016-8506

Description

XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code.

Affected products

Yandex/Yandex.browser6 versions
cpe:2.3:a:yandex:yandex_browser:15.12.0.6151:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:yandex:yandex_browser:15.12.0.6151:*:*:*:*:*:*:*
- cpe:2.3:a:yandex:yandex_browser:15.12.1.6475:*:*:*:*:*:*:*
- cpe:2.3:a:yandex:yandex_browser:15.2.2214.3645:*:*:*:*:*:*:*
- cpe:2.3:a:yandex:yandex_browser:15.4.2272.3429:*:*:*:*:*:*:*
- cpe:2.3:a:yandex:yandex_browser:15.6.2311.5029:*:*:*:*:*:*:*
- cpe:2.3:a:yandex:yandex_browser:16.2.0.3539:*:*:*:*:*:*:*
Yandex N.V./Yandex Browser for desktopv5
Range: 15.12 to 16.2 for OSx and Linux

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/93927nvdThird Party AdvisoryVDB Entry
browser.yandex.com/security/changelogs/nvdRelease NotesVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.397
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000