{"id":"CVE-2016-4855","details":"Cross-site scripting vulnerability in ADOdb versions prior to 5.20.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.","aliases":["GHSA-hhfw-xxhm-pf32"],"modified":"2026-03-20T03:13:46.407719Z","published":"2017-05-12T18:29:00.280Z","related":["MGASA-2016-0363"],"references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/92753"},{"type":"ADVISORY","url":"https://github.com/ADOdb/ADOdb/issues/274"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201701-59"},{"type":"ADVISORY","url":"http://jvn.jp/en/jp/JVN48237713/index.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/adodb/adodb","events":[{"introduced":"0"},{"last_affected":"7ce997d4c5957a1a96e7ab483ad088b15f02b191"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"5.20.5"}]}}],"versions":["v5.00beta","v5.01beta","v5.02","v5.02a","v5.03","v5.04","v5.05","v5.06","v5.07","v5.08","v5.08a","v5.09","v5.09a","v5.10","v5.11","v5.12","v5.13","v5.14","v5.15","v5.16","v5.16a","v5.17","v5.18","v5.18a","v5.19","v5.20.0","v5.20.1","v5.20.2","v5.20.3","v5.20.4","v5.20.5"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-4855.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}