CVE-2016-6812

medium

Apache

CVSS v3 Base Score

6.1

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS Score

8.6%

Exploitation probability in 30 days

Top 8% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Confidentiality

Low

Integrity

Low

Availability

None

Published: August 10, 2017 (3199 days ago)

Last Modified: May 13, 2026

Vendor: Apache

Source: NVD

Description

The HTTP transport module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 uses FormattedServiceListWriter to provide an HTML page which lists the names and absolute URL addresses of the available service endpoints. The module calculates the base URL using the current HttpServletRequest. The calculated base URL is used by FormattedServiceListWriter to build the service endpoint absolute URLs. If the unexpected matrix parameters have been injected into the request URL then these matrix parameters will find their way back to the client in the services list page which represents an XSS risk to the client.

CWE

CWE-79

Affected Products

apache cxf

References

🔗 cxf.apache.org 🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 access.redhat.com 🔗 issues.apache.org

CVE-2016-6812

Vulnerability Report

Description

CWE

Affected Products

References