New Search

MDS API XSS Vulnerability - CVE-2016-7251 (MS16-136)

oval:org.cisecurity:def:1488

Cross-site scripting (XSS) vulnerability in the MDS API in Microsoft SQL Server 2016 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter aka "MDS API XSS Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2008
  • Microsoft Windows 8.1
  • Microsoft Windows 8
  • Microsoft Windows 10
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2016
Class:
vulnerability
Reference(s):
  • CVE-2016-7251
Product(s):
  • Microsoft SQL Server 2016