CVE-2011-2650

Cross-site scripting XSS vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted pattern name that is included in an RPM info display...

CVE-2011-2650

The connected SUSE advisory confirms an XSS vulnerability in Kiwi prior to 3.74.2, as used in SUSE Studio 1.1 prior to 1.1.4, allowing remote attackers to inject arbitrary web script or HTML via a crafted pattern name shown in an RPM info display. No exploit details are provided in the documents,...