CVE-2016-7103

Impact:
Low
Public Date:
2016-07-21
CWE:
CWE-79
Bugzilla:
1360286: CVE-2016-7103 jquery-ui: cross-site scripting in dialog closeText
It was found that a parameter of the dialog box feature of jQuery UI was vulnerable to cross site scripting. An attacker could use this flaw to execute a malicious script via the dialog box when it was displayed to a user.

Find out more about CVE-2016-7103 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat Enterprise Satellite 5 is now in phase 3 of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.

CVSS v2 metrics

Base Score 4.3
Base Metrics AV:N/AC:M/Au:N/C:N/I:P/A:N
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact Partial
Availability Impact None

CVSS v3 metrics

CVSS3 Base Score 6.1
CVSS3 Base Metrics CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Changed
Confidentiality Low
Integrity Impact Low
Availability Impact None

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat OpenStack Platform 8.0 (Liberty) (python-XStatic-jquery-ui) RHSA-2016:2932 2016-12-08
Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 (python-XStatic-jquery-ui) RHSA-2017:0161 2017-01-19
Red Hat OpenStack Platform 9.0 (python-XStatic-jquery-ui) RHSA-2016:2933 2016-12-08

Affected Packages State

Platform Package State
Red Hat Satellite 6 ruby193-rubygem-jquery-ui-rails Will not fix
Red Hat Satellite 5 jquery-ui Will not fix
Red Hat OpenStack Platform 10 python-XStatic-jquery-ui Will not fix
Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 python-XStatic-jquery-ui Will not fix
OpenStack 6 Installer for RHEL 7 ruby193-rubygem-jquery-ui-rails Will not fix

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact Red Hat Product Security.

Last Modified
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.