exploitDog

CVE-2013-1869

Опубликовано: 01 апр. 2014

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via the return_url parameter.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*

cpe:2.3:a:redhat:spacewalk-java:*:*:*:*:*:*:*:*

Версия до 2.1.147-1 (включая)

EPSS

Процентиль: 61%

0.00417

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2013-1869

redhat

почти 12 лет назад

CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via the return_url parameter.

GHSA-9c7m-xg64-cvv7

github

больше 3 лет назад

CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via the return_url parameter.

EPSS

Процентиль: 61%

0.00417

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-20