web/security: Add CVE-2016-3062