CVE-2011-2920 Spacewalk: spacewalk: cross-site scripting vulnerability allows arbitrary web script execution.

🗓️ 05 Feb 2014 18:00:00Reported by redhatType

Multiple XSS vulnerabilities in Spacewalk 1.6, allowing remote injection of web scrip

Reporter	Title	Published	Views	Family All 12
ATTACKERKB	CVE-2011-2920	5 Feb 201418:55	–	attackerkb
CVE	CVE-2011-2920	5 Feb 201418:00	–	cve
EUVD	EUVD-2011-2893	7 Oct 202500:30	–	euvd
NVD	CVE-2011-2920	5 Feb 201418:55	–	nvd
OSV	RHSA-2011:1299 Red Hat Security Advisory: Red Hat Network Satellite server security and enhancement update	15 Sep 202419:23	–	osv
Prion	Cross site scripting	5 Feb 201418:55	–	prion
Positive Technologies	PT-2014-2131 · Red Hat · Spacewalk	5 Feb 201400:00	–	ptsecurity
Tenable Nessus	RHEL 6 : Red Hat Network Satellite server (RHSA-2011:1299)	24 Jan 201300:00	–	nessus
RedHat Linux	Moderate: Red Hat Security Advisory: Red Hat Network Satellite server security and enhancement update	15 Sep 201117:43	–	redhat
RedHat Linux	Satellite: XSS flaw(s) in filter handling	15 Sep 201117:43	–	redhat

[
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "rhn-client-tools",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "rhnsd",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "yum-rhn-plugin",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "rhnsd",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "yum-rhn-plugin",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  }
]

Source	Link
redhat	www.redhat.com/archives/spacewalk-announce-list/2011-December/msg00000.html
redhat	www.redhat.com/support/errata/RHSA-2011-1299.html
access	www.access.redhat.com/security/cve/CVE-2011-2920
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

02 Apr 2026 21:23Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.15.5

EPSS0.00725

CWE-79