Cross-site scripting (XSS) vulnerability in the web interface in Red Hat Network (RHN) Satellite 5.4.1 allows remote authenticated users to inject arbitrary web script or HTML via the Description field of the asset tag in a Custom Info page.
References
Link | Resource |
---|---|
http://secunia.com/advisories/47162 | Broken Link |
http://www.redhat.com/support/errata/RHSA-2011-1794.html | Patch Vendor Advisory |
http://www.securityfocus.com/bid/50963 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id?1026391 | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=742050 | Issue Tracking |
http://secunia.com/advisories/47162 | Broken Link |
http://www.redhat.com/support/errata/RHSA-2011-1794.html | Patch Vendor Advisory |
http://www.securityfocus.com/bid/50963 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id?1026391 | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=742050 | Issue Tracking |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 01:32
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/47162 - Broken Link | |
References | () http://www.redhat.com/support/errata/RHSA-2011-1794.html - Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/50963 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id?1026391 - Third Party Advisory, VDB Entry | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=742050 - Issue Tracking |
Information
Published : 2011-12-10 17:55
Updated : 2024-11-21 01:32
NVD link : CVE-2011-4346
Mitre link : CVE-2011-4346
CVE.ORG link : CVE-2011-4346
JSON object : View
Products Affected
redhat
- satellite
- enterprise_linux
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')