exploitDog

CVE-2012-6149

Опубликовано: 10 фев. 2014

Источник: redhat

CVSS2: 3.5

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/notes.jsp in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) subject or (2) content values of a note in a system.addNote XML-RPC call.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-79

https://bugzilla.redhat.com/show_bug.cgi?id=882000(spacewalk-java): XSS in system.addNote XML-RPC call due improper sanitization of note's subject and content

EPSS

Процентиль: 48%

0.00252

Низкий

3.5 Low

CVSS2

Связанные уязвимости

CVE-2012-6149

nvd

почти 12 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/notes.jsp in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) subject or (2) content values of a note in a system.addNote XML-RPC call.

GHSA-hr9j-j2w3-gwf8

github

больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/notes.jsp in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) subject or (2) content values of a note in a system.addNote XML-RPC call.

EPSS

Процентиль: 48%

0.00252

Низкий

3.5 Low

CVSS2