MEDIUM
Sivann
CVE published 2017-02-10
CVE-2016-10216
CVE-2016-10216 is a medium-severity cross-site scripting issue affecting IT Items Database (ITDB) through version 1.23. NVD says the vulnerable endpoint accepts insufficiently filtered user input in the value HTTP POST parameter at editable_ajax.php, allowing an attacker to execute arbitrary HTML and script code in a victim’s browser in the context of the vulnerable website.