CVE-2014-7812

Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allows remote authenticated users to inject arbitrary web script or HTML via the System Groups field.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:spacewalk:-:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:suse:manager:1.7:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-01-15 15:59

Updated : 2024-02-28 12:20


NVD link : CVE-2014-7812

Mitre link : CVE-2014-7812

CVE.ORG link : CVE-2014-7812


JSON object : View

Products Affected

redhat

  • spacewalk
  • satellite

suse

  • manager
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')