Описание
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the REST API.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.6 (включая)
Одно из
cpe:2.3:a:redhat:network_satellite:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:spacewalk:-:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:suse:manager:1.7:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00184
Низкий
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
redhat
около 11 лет назад
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the REST API.
github
больше 3 лет назад
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the REST API.
EPSS
Процентиль: 40%
0.00184
Низкий
3.5 Low
CVSS2
Дефекты
CWE-79