Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-3595

Опубликовано: 22 сент. 2014
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.4 through 5.6 allows remote attackers to inject arbitrary web script or HTML via a crafted request that is not properly handled when logging.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:satellite:5.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:5.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:spacewalk-java:1.2.39:*:*:*:*:*:*:*
cpe:2.3:a:redhat:spacewalk-java:1.7.54:*:*:*:*:*:*:*
cpe:2.3:a:redhat:spacewalk-java:2.0.2:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:a:suse:manager:1.7:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp2:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:a:suse:manager_server:-:*:*:*:*:*:*:*

EPSS

Процентиль: 53%
0.00302
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

redhat логотип

CVE-2014-3595

redhat
больше 11 лет назад

Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.4 through 5.6 allows remote attackers to inject arbitrary web script or HTML via a crafted request that is not properly handled when logging.

github логотип

GHSA-xgqv-fw8c-8qm6

github
больше 3 лет назад

Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.4 through 5.6 allows remote attackers to inject arbitrary web script or HTML via a crafted request that is not properly handled when logging.

EPSS

Процентиль: 53%
0.00302
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79