Miggo Logo
Miggo Vulnerability Database
CVE-2016-6519

CVE-2016-6519: Openstack Manila Persistent XSS in Metadata field

5.4

CVSS Score
3.0

Basic Information

CVE ID
CVE-2016-6519
GHSA ID
GHSA-vq76-5ghr-9p4v
EPSS Score
0.50802%
CWE
CWE-79
Published
5/13/2022
Updated
5/14/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
manila-uipip< 2.5.12.5.1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper input sanitization in the metadata_to_str function. The original code used mark_safe() on unescaped user-controlled metadata values (as shown in pre-patch code and referenced in the bug report). The patched version introduced HTML escaping via a custom html_escape() function before passing the data to mark_safe(), confirming the absence of proper escaping was the root cause. Commit diffs (e.g., fca19a1) explicitly modify this function to add escaping, and the bug report directly attributes the vulnerability to unsafe handling of metadata in this context.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*ross-sit* s*riptin* (XSS) vuln*r**ility in t** "S**r*s" ov*rvi*w in Op*nst**k M*nil* ***or* *.*.* *llows r*mot* *ut**nti**t** us*rs to inj**t *r*itr*ry w** s*ript or *TML vi* t** M*t***t* *i*l* in t** "*r**t* S**r*" *orm.

Reasoning

T** vuln*r**ility st*ms *rom improp*r input s*nitiz*tion in t** m*t***t*_to_str *un*tion. T** ori*in*l *o** us** m*rk_s***() on un*s**p** us*r-*ontroll** m*t***t* v*lu*s (*s s*own in pr*-p*t** *o** *n* r***r*n*** in t** *u* r*port). T** p*t**** v*rsi