Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allows remote authenticated users to inject arbitrary web script or HTML via the System Groups field.
References
Configurations
History
21 Nov 2024, 02:18
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00020.html - | |
References | () http://rhn.redhat.com/errata/RHSA-2015-0033.html - Vendor Advisory | |
References | () http://secunia.com/advisories/62183 - |
Information
Published : 2015-01-15 15:59
Updated : 2024-11-21 02:18
NVD link : CVE-2014-7812
Mitre link : CVE-2014-7812
CVE.ORG link : CVE-2014-7812
JSON object : View
Products Affected
suse
- manager
redhat
- spacewalk
- satellite
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')