Candidate: CVE-2016-10510
PublicDate: 2017-08-31 20:29:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10510
Description: 
 Cross-site scripting (XSS) vulnerability in the Security component of
 Kohana before 3.3.6 allows remote attackers to inject arbitrary web script
 or HTML by bypassing the strip_image_tags protection mechanism in
 system/classes/Kohana/Security.php.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: low
Discovered-by:
Assigned-to: 
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N [6.1 MEDIUM]


Patches_libkohana2-php:
upstream_libkohana2-php: needs-triage
precise/esm_libkohana2-php: DNE
trusty_libkohana2-php: released (2.3.4-2+deb7u1build0.14.04.1)
trusty/esm_libkohana2-php: DNE (trusty was released [2.3.4-2+deb7u1build0.14.04.1])
xenial_libkohana2-php: DNE
artful_libkohana2-php: DNE
devel_libkohana2-php: DNE