cvelist/2016/3xxx/CVE-2016-3670.json

{
    "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2016-3670",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "n/a",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "n/a"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay before 7.0.0 CE RC1 allows remote attackers to inject arbitrary web script or HTML via the FirstName field."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "https://labs.integrity.pt/advisories/cve-2016-3670/",
                "refsource": "MISC",
                "url": "https://labs.integrity.pt/advisories/cve-2016-3670/"
            },
            {
                "name": "39880",
                "refsource": "EXPLOIT-DB",
                "url": "https://www.exploit-db.com/exploits/39880/"
            },
            {
                "name": "20160601 CVE-2016-3670 Stored Cross Site Scripting in Liferay CE",
                "refsource": "FULLDISC",
                "url": "http://seclists.org/fulldisclosure/2016/Jun/5"
            },
            {
                "name": "https://issues.liferay.com/browse/LPS-62387",
                "refsource": "CONFIRM",
                "url": "https://issues.liferay.com/browse/LPS-62387"
            },
            {
                "name": "1036083",
                "refsource": "SECTRACK",
                "url": "http://www.securitytracker.com/id/1036083"
            },
            {
                "name": "http://packetstormsecurity.com/files/137279/Liferay-CE-Stored-Cross-Site-Scripting.html",
                "refsource": "MISC",
                "url": "http://packetstormsecurity.com/files/137279/Liferay-CE-Stored-Cross-Site-Scripting.html"
            }
        ]
    }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
"-Synchronized-Data." 2019-03-18 02:37:27 +00:00			`"CVE_data_meta": {`
			`"ASSIGNER": "cve@mitre.org",`
			`"ID": "CVE-2016-3670",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "n/a",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
"-Synchronized-Data." 2019-03-18 02:37:27 +00:00			`"lang": "eng",`
			`"value": "Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay before 7.0.0 CE RC1 allows remote attackers to inject arbitrary web script or HTML via the FirstName field."`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
"-Synchronized-Data." 2019-03-18 02:37:27 +00:00			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "https://labs.integrity.pt/advisories/cve-2016-3670/",`
			`"refsource": "MISC",`
			`"url": "https://labs.integrity.pt/advisories/cve-2016-3670/"`
			`},`
			`{`
			`"name": "39880",`
			`"refsource": "EXPLOIT-DB",`
			`"url": "https://www.exploit-db.com/exploits/39880/"`
			`},`
			`{`
			`"name": "20160601 CVE-2016-3670 Stored Cross Site Scripting in Liferay CE",`
			`"refsource": "FULLDISC",`
			`"url": "http://seclists.org/fulldisclosure/2016/Jun/5"`
			`},`
			`{`
			`"name": "https://issues.liferay.com/browse/LPS-62387",`
			`"refsource": "CONFIRM",`
			`"url": "https://issues.liferay.com/browse/LPS-62387"`
			`},`
			`{`
			`"name": "1036083",`
			`"refsource": "SECTRACK",`
			`"url": "http://www.securitytracker.com/id/1036083"`
			`},`
			`{`
			`"name": "http://packetstormsecurity.com/files/137279/Liferay-CE-Stored-Cross-Site-Scripting.html",`
			`"refsource": "MISC",`
			`"url": "http://packetstormsecurity.com/files/137279/Liferay-CE-Stored-Cross-Site-Scripting.html"`
			`}`
			`]`
			`}`
			`}`