Candidate: CVE-2016-4855
PublicDate: 2017-05-12 18:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4855
 https://jvn.jp/en/jp/JVN48237713/
Description:
 Cross-site scripting vulnerability in ADOdb versions prior to 5.20.6 allows
 remote attackers to inject arbitrary web script or HTML via unspecified
 vectors.
Ubuntu-Description:
Notes:
Bugs:
 https://github.com/ADOdb/ADOdb/issues/274
Priority: negligible
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N [6.1 MEDIUM]

Patches_libphp-adodb:
 upstream: https://github.com/ADOdb/ADOdb/commit/ecb93d8c1
upstream_libphp-adodb: released (5.20.6)
precise_libphp-adodb: ignored (reached end-of-life)
precise/esm_libphp-adodb: DNE (precise was needed)
trusty_libphp-adodb: released (5.15-1+deb7u1build0.14.04.1)
trusty/esm_libphp-adodb: DNE (trusty was released [5.15-1+deb7u1build0.14.04.1])
vivid/stable-phone-overlay_libphp-adodb: DNE
vivid/ubuntu-core_libphp-adodb: DNE
xenial_libphp-adodb: ignored (end of standard support, was needed)
yakkety_libphp-adodb: ignored (reached end-of-life)
zesty_libphp-adodb: ignored (reached end-of-life)
artful_libphp-adodb: ignored (reached end-of-life)
bionic_libphp-adodb: not-affected (5.20.6-1)
cosmic_libphp-adodb: not-affected (5.20.6-1)
disco_libphp-adodb: not-affected (5.20.6-1)
eoan_libphp-adodb: not-affected (5.20.6-1)
focal_libphp-adodb: not-affected (5.20.6-1)
groovy_libphp-adodb: not-affected (5.20.6-1)
hirsute_libphp-adodb: not-affected (5.20.6-1)
impish_libphp-adodb: not-affected (5.20.6-1)
jammy_libphp-adodb: not-affected (5.20.6-1)
devel_libphp-adodb: not-affected (5.20.6-1)